Comdisco Disaster Recovery Services, Inc.
Disaster Recovery Remote Testing Has Been Around for Years... But Never Like This.


Introducing Comdisco Remote Testing 


With the most extensive network of regional Recovery Centers in North America, we've always paid close attention to convenience and cost efficiency on behalf of our customers. With CRT™, we're making disaster recovery activity more economical than ever before.


State-of-the-art CRT options extend the reach of our Hot Sites, 
letting you test your contingency plan from your own office, in any 
location, at the keyboard of your own 3270 or PC. 


The benefits are substantial. CRT lets you avoid the cost of 
travel, meals and lodging for a significant number of your 
personnel. In a test mode, or during an actual disaster, three 
different CRT options get you into the CDRS Recovery Network— 
without necessarily having to go there. 


We're Comdisco Disaster Recovery Services, Inc. (CDRS)— 
keeping our customers close through innovation and service. 


Yes, CDRS! I'd like to know more. Please contact me regarding 
the following: 


____ CRT (Comdisco Remote Testing) 
____ Contingency Planning Services 


____ The CDRS Recovery Center in my area. 
____ Comdisco Data Center Development Services 


NAME 
COMPANY 


ADDRESS 


CITY STATE ZIP


Clip and return to: Robert E. Barrett, Manager, Marketing Programs, CDRS, Inc., 
6400 Shafer Court, Rosemont, IL 60018. Or call 312/698-3000. 
A NEW VIGILANCE Security has become a burning issue for executives at all levels. MIS has waged a long campaign to convince top management that securing the data center is not just important to business — it is critical. And the selling job may be paying off. Yet the flip side of extra security measures may mean a heavier work burden for MIS. By Stan Kolodziej. Page 20.


SECURITY IN THE FIRST DEGREE The range of options available to secure an organization’s systems has broadened. Yet matching the right solution to the right problem remains a great challenge for MIS. Read about the simple and sophisticated products on the market to help you with your security concerns. By Michael Tucker. Page 17.


TINKER, TAILOR, NETWORK SPY Keeping communications networks out of harm’s way demands a blend of technology and education. There is no one system that can keep an entire network safe; net security should be built on a number of roadblocks that, together, turn away threats. By John Vacca. Page 41.
Are you doing anything?

By Toni B. Fish. A Big Eight firm’s security survey revealed that while corporate recognition of the importance of security is growing, a large gap still exists between awareness and implementation. Page 23.


Insider crimes threaten 

By Martin Nabut. Security in an organization depends on the integrity and training of employees. Here’s how you can protect your company from itself. Page 25.


Site uptime management 

By Kenneth Brill. MIS should practice uptime procedures before a calamity strikes. Page 33.


Too much security 

By Rebecca Hurst. In these cost-efficient times, learn how to trade off providing enough security against cost and usage. Page 37.


Justice and data for all 


By Rebecca Hurst. When the government tried to suppress information it deemed “sensitive but unclassified,” information managers did not take this censorship lying down. Page 45.


Is it in the bank? 


By Robert Dratch. Banks have been 
at the forefront of the data security 
push, especially since the advent of 
sophisticated electronic exchange 
systems. Find out how safe your 
money really is. Page 49. 


Disaster recovery 


The disaster recovery field has become big business and big money. No wonder; the financial fallout after a disaster can be grave indeed. Senior Editor Stan Kolodziej talks to MIS managers, consultants and disaster survivors about preventative measures and coping strategies should DP operations screech to a halt. Begins on page 27.
From the Editor


Including your letters to us. Page 5. 


Q&A


A disaster survivor’s tips. Page 6. 


Commentary 
Sanford Sherizen, criminologist, on 
how to think like a thief. Page 8. 


Manager’s Corner 
Jim Young on measuring end-user 
computing’s success. Page 11. 


News & Analysis 


Update on fault tolerance, Tempest 
and data shredders. Page 13. 


Products 
PC hard-disk security, data safes 
and the Hot Seat column. Page 51. 


Blue Beat 


Deidre Depke on raising vendors’ 
security consciences. Page 51. 


Calendar 


Industry events. Page 59. 


The Insider 


Thomas Roberts on personal computer security. Page 60.


Log Off 


The lowdown on the chance of disasters in data centers. Page 60.
“When other computer companies promise to give you what you need at the desk, they overlook one problem. What you really need is often beyond


Digital's Networked Desk fits you into your workgroup and into the computing resources and power of your whole organization. So, instead of working alone, you can work together more productively. It starts with a full range of compatible products at the desk—terminals and printers and storage devices, engineering and scientific workstations, personal computers and multi-user super micros. But it goes much further. Within your workgroup, you can


The Networked Desk.
Now every member of
the team can tie into the

the whole organization.


share the same software and files. You can gain access to all the compute power and resources of the workgroup transparently with our Local Area VAXcluster™ software. Using our new VAXmate™ personal computers, you can run industry-standard PC software on the network. And with our local and wide-area networking capabilities, you can link to anyone, anywhere, on any system.

Digital’s Networked Desk. Why work in isolation any more? Call your local Digital sales office. Or write: Digital Equipment Corporation, 200 Baker Ave., West Concord, Massachusetts 01742.


© Digital Equipment Corporation 1987. The Digital logo, VAXcluster and VAXmate are trademarks of Digital Equipment Corporation. 





WITHOUT DATA GENERAL, INTEGRATING YOUR 
SYSTEMS IS LIKE MIXING OIL AND WATER. 


FOR FULLY INTEGRATED 
BUSINESS AUTOMATION, TALK TO 
DATA GENERAL. 


To maintain a competitive edge, a business needs to inte- 
grate all its resources. Ultimately blending people, departments, 
data and computer systems together. 

Data General's Business Automation Systems integrate all 
these vital elements. Which gives your company one, accessible 
information flow. 

Our industry-leading CEO® software gives you the most 
integrated business automation essentials. With spreadsheets. 
Graphics. Decision support. Tools that help you make faster, bet- 
ter informed business decisions. 

Then we take you further. By letting you integrate your exist- 
ing applications. 

Our communications story is second to none. We give you the most complete IBM compatibility. We also adhere to industry standards like Ethernet® and X.25.


So our business automation solutions integrate all levels of 
your company. From PC’s to mainframes. And from the next 
room to the next continent. 

Our MV/Family systems lead the industry in price/ 
performance. And give you a low cost of ownership, along with 
service, training and support. 

Today, over 165,000 CEO users have discovered true inte- 
grated business automation. To create the best possible blend 
for your business systems, talk to Data General. Call 1-800- 
DATAGEN (Canada call 1-800-268-5454.) Or write: Data General, 
4400 Computer Drive, MS C-228, Westboro, MA 01580. 


Data General

a Generation ahead.

©1987 Data General Corporation. CEO is a registered trademark of Data General Corporation. Ethernet is a registered trademark of Xerox Corporation.
Computerworld Focus is a publication of IDG
Communications, the world’s largest publisher 
of computer-related information. IDG Commu- 
nications publishes over 80 computer publica- 
tions in more than 28 major countries. Four- 
Write Us

We welcome letters to the editor and publish those we judge to be of interest to our readers. Letters should be addressed to the Editor, Computerworld Focus, 375 Cochituate Rd., Box 9171, Framingham, MA 01701-9171.


Better safe than sorry

A breach in your organization’s computer security is an accident waiting to happen. Although the realization of the need for security is growing, not enough action is taking place. In the story on page 23 detailing a recent Ernst & Whinney survey, 87% of the respondents recognized the increasing importance of security issues, but only 6% felt their companies were adequately protected. And a Focus survey of MIS managers on page 21 showed similar results.


Good intentions are obviously not enough. It is easy to 
underestimate how integral computers and the information they hold 
have become to businesses. Figures show that the cost of 
interrupted DP services due to water damage for a large insurance 
company would be $275,000 per day; interrupted services for a 
major airline could cost it $20,000 per minute! Disaster recovery, 
this month’s Special Section topic, has become a big market. 


And threats to security do not always come from without. Hackers 
may get the headlines, but the majority of data theft is perpetrated by 
insiders. Computer security has become a people problem because 
the best security devices and procedures in the world won’t protect 
against carelessness by management and employees. Businesses, 
unsure of legal protections, don’t want to admit to the public or their 
competitors that they are vulnerable to tampering and usually keep 
news of computer crimes under wraps. It will take a massive 
education effort — spearheaded largely by MIS — to goad 
management and employees into turning this situation around. 


However, as MIS emphasizes the importance of data security 
practices, it shouldn’t make the systems too difficult to use. MIS 
should weigh the issues and make trade-offs between security 
protection and end-user computing. For example: Has the system
become so secure and unapproachable that people are bypassing it?
Does every company or department need the same set of stringent 
safety requirements? Has the cost exceeded the value of the 
information involved? The need for protection has never been 
greater, and it’s up to MIS to achieve a secure yet effective system. 


Big Blue will sell no
product before its time 


I was startled at Amy Wohl’s contention [CW Focus, March 4] that IBM is “too big and too structured to be very flexible; whatever it has decided to do . . . was decided a long time ago.”

The company uses its enormous resources to 
develop hardware and software products in paral- 
lel, and the Golden Boys (as I call the members of 
its management committee) only need to choose 
among the alternatives at the last moment. 

IBM can afford to put the plans for a product 
on the shelf until those Golden Boys decide the 
time is ripe. 

An example of the parallel 
strategy is the advent of the 360 
in 1964, when alternatives like 
the 7095 were kept alive until a 
few days before the unveiling. 

An example of the shelving 
strategy is the Selectric type- 
writer, which was held for many 
months until the time was judged 
right to announce it. 

Herbert R. J. Grosch 
Association for Computing Machinery 
Mies, Switzerland 


A closer link sought between
the classroom and workplace


In a letter in the January issue of Computerworld Focus, a computer science student complained that his education lacked hands-on training and left him ill prepared to find employment. The student rightly asks what we, as educators, can do about this type of situation.

• Solicit advice from industry experts when designing curricula.

• Recruit and promote faculty members who have significant data processing experience.

• Ensure that laboratories in which students acquire hands-on skills are equipped with up-to-date hardware and software systems.

Effective preparation for the real world de- 
pends on establishing a close link between the 
classroom and the workplace. 

Philip A. Clement 

President 

Devry Institute of Technology 
Evanston, Ill. 


IBM’s secret weapon to shake 
crowded System/36 market? 


I recently read “Is IBM In The PC Business?” [CW Focus, March 4] and have a few comments:

• IBM made a strategic blunder when it opted for third-party components to make the Personal Computer. This move got the PCs to market quickly, but the long-term effects have been to show customers that a computer can function effectively without those three little letters.

• We see plug-compatible machines at both the low and high ends of the computer spectrum, and shortly many manufacturers will attack the System/36 market.

IBM can and will improve its market position 
with increased PC functions, but to return to the 
profitable days of yesteryear, it must leverage 
proprietary hardware and software. I predict that 
one of IBM’s next moves will be to enhance the 
PC with a version of IBM’s System/36 multiuser 
operating system — SSP — giving it RPG-II ca- 
pabilities, retaining DOS and providing a simple 
and logical growth path for the user. 

Vince Cannuscio 

Vice-President 

National Computer Solutions, Inc. 
Huntington Station, N.Y. 
Connie Brock is the vice-president and data security officer for Norwest Technical Services, Inc., a subsidiary of Norwest Corp., both of Minneapolis. Brock, who has been with Norwest since 1969, has been responsible for the company’s disaster recovery plans during the past four years.

On Thanksgiving Day 1982, a major fire broke out in the company’s Northwestern National Bank headquarters. However, because of the company’s extensive disaster recovery plan, the fire did not affect DP operations. Since then, the firm has been active in promoting disaster recovery planning to businesses both in and outside the banking industry. Brock spoke recently with Computerworld Focus Senior Editor Stan Kolodziej.


SECURITY 


VIEWPOINT 


Connie Brock 


Once burned, twice shy: A disaster survivor offers 
advice on how to safeguard your DP operations. 


Did the Northwestern bank fire create increased concern about disaster recovery planning?

Yes. The bank fire was terrific for increasing the awareness about the possibility of disaster and what it could mean to businesses. I think what really started [the interest] rolling, however, was a big study released by the University of Minnesota before that, about 10 years ago. The study looked at businesses that had suffered disasters and looked at their survival rates.

It concluded that most businesses really had to recover critical operations within 30 hours. If they couldn’t do that, then the likelihood of long-term business survival was very low. That study formed the base on which a lot of companies built their disaster recovery plans.


Is there enough awareness now 
about the importance of disaster 
recovery? 

There’s much more awareness than there 
was five years ago, but I don’t think it’s 
adequate yet. The trick is for companies 
to correctly identify which of their busi- 
ness operations are the critical ones that 
they need to recover and survive. Beyond 
that, they have to establish what their 
minimum acceptable level of operation is 
and the maximum time frame required to 
achieve that minimum level. 

Companies should stay focused on 
those questions and not be distracted 
about whether it’s cost-effective to have 
total recovery capability. Forget cost con- 
cerns. The important point is first know- 
ing how you will survive as a business. 


What, in your opinion, is the sin- 
gle most important issue in disas- 
ter recovery planning? 

Maintaining the plan. If you hire people to come in and form a plan for you, what happens when they’re gone? Companies should maintain their own disaster recovery plans. Part of the maintenance is realizing that your business is going to change. Periodically, you have to go into the plan and ask if the right critical operations are still defined, if there are correctly defined minimum levels of operation and if recovery time frames are still workable. The basic thrust is to see if the plan is still current and still works.

I think a lot of organizations start out 
with a pretty good disaster recovery plan 
but let it fall by the wayside because they 
don’t put the resources into an ongoing 
maintenance program. If you do it your- 
self, you build expertise and awareness, 
and it’s easier to establish an ongoing 
maintenance mode. 


How important is it to get end us- 
ers involved in the actual testing? 
Always important. We’ll frequently have 
users available as part of the test. During 
a test, users will be at their normal busi- 
ness locations conducting business as usu- 
al. When we send a team to our hot site lo- 
cation during a test, we are also testing 
users in the field at the other end. It very 
much simulates the real world. 


How often do you test your plan? 
At least twice a year. We go through some 
very careful planning before the test to 
make sure that we’re clear on what the 
test objectives are. We'll place a special 
emphasis on anything that might have 
changed since the last test. If we’ve added 
a new product or service, for example, it 
will get special attention on the next test. 
Continued on page 9 


Just one free call 
can start your computer 
disaster recovery 


SUNGARD 
1-800/523-4970 


Just one toll free call can start your custom plan for a reliable, comprehensive backup system that will safeguard your vital computer systems.

Every alert management team has insurance for its company’s cars, trucks, machinery, inventory and buildings, yet these same executives frequently overlook protection in an area that is equally critical to their day-to-day business operations.

Business enterprises representing all types of industries have chosen SUNGARD Recovery Services for their computer disaster recovery. Whether you are in banking, insurance, transportation, manufacturing, retailing, utilities, or one of the service industries, SUNGARD’s Advantages can work for you.








What Are SUNGARD’s Advantages?

• Experience. SUNGARD’s staff has over 600 man years of data processing experience and over 300 man years of disaster recovery experience ready to work for you.

• Facilities. SUNGARD has the largest commercially available recovery center. Our centers - Philadelphia, Chicago, and San Diego - are fully operational with the latest IBM equipment and communications capabilities.

• Equipment. SUNGARD’s basic equipment configurations are continually enhanced at no extra cost to existing subscribers.

• Technical Support. SUNGARD has experts in telecommunications, systems software, operations and customer service.

• Consulting. SUNGARD’s Contingency Services program helps you develop and implement a cost effective disaster recovery plan quickly.

For full information call 1-800/523-4970 (in PA call collect 1-215/341-8729) or write SUNGARD Recovery Services, Two Glenhardie Corporate Center, 1285 Drummers Lane, Wayne, PA 19087.


SUNGARD RECOVERY SERVICES
1-800/523-4970
Micro/Mainframe Communications
Complete BlueLynx Package from $695 


PC-to-system communications don’t have to be expensive to be 
effective. All you need is BlueLynx to make your network more flexible 
and versatile. With BlueLynx you get results, without the high price tag. 


BlueLynx 5251-11:
• Menu configurable 5251 and 5291/5292 display support
• IBM API compatibility on each LU
• 7 LU support
• Fast HOT KEY to DOS
• International and Enhanced PC keyboard support
• 5224, 5225 and 5226 printer support

BlueLynx II 3270:
• Emulation of the 3274/76 remote controller with SLU support
• Menu configuration of 3278/3279 display and 3287 printers
• Configurable print strings

BlueLynx 2780/3780:
• Fast HOT KEYS to DOS
• Configurable attributes
• Screen timeout value
• Integrated line monitor provides online diagnostics
• RJE and PC-to-PC communications at speeds of 19,200 bps
• Set-up & options are handled from main menu
• Automatic and unattended transfer of files
• Data compression options provide for rapid transfer of files


Once you've seen BlueLynx’s capabilities for yourself, you'll know that talk really is cheap.

Call or write for more information. Circle Reader Service Number 45

TECHLAND SYSTEMS INC., 25 Waterside Plaza, New York, NY 10010
1-800-TECHLAN (In NY: 212-684-7788) / Telex 961134
Funny how the greatest success stories always seem
to hinge on some special combination. 
The bat. And the hitter. 
The song. And the singer. 
The IBM 9370. And VMCENTER II. 
The 9370's potential for greatness has 
never been in doubt. But it takes more 
than potential to make departmental 
systems run smoothly throughout 
large organizations. 
What it takes—is VMCENTER II. 


THE ACCESS 
USERS NEED. 
THE CONTROL 
YOU NEED. 


VMCENTER II is VM Software's newest, most comprehensive answer to the systems management needs of the VM operating environment—the environment best suited to the overwhelming majority of 9370 users.

In one easy-to-use package, VMCENTER II brings computing power to the people who need it at every organizational level.

Equally important, VMCENTER II helps maintain strong central control while vastly reducing the tasks traditionally faced by data processing professionals in interactive user environments.
A HARD-HITTING

Performance monitoring. Project accounting. They may sound mundane. But they’re critical to smooth-running applications. And VMCENTER II takes care of them all—plus a lot more.


All this while users are enjoying 
dependable, easy access to a system that performs at 
its peak, day after day. And even helps them 
plan ahead for future needs. 


THE POWER. AND THE GLORY.

The 9370 marks a great opportunity for your entire organization. But to make the most of it, there’s nothing like VMCENTER II. After all, VMCENTER II is based on the original VMCENTER—the world’s leading VM data center management system. And it’s loaded with new features specifically designed for departmental environments.

The result is a system that’s a potent partner for the 9370. A sure way to simplify a major transition for your organization. And an all-round clutch performer that'll make you look good for choosing it.

VMCENTER II. For more information call 1-800-562-7100 (In Virginia or outside the Continental U.S. 703-264-8000). Or write VM Software, Inc., 1800 Alexander Bell Drive, Reston, Virginia 22091.


1-CWX-870603 


- VMCENTER II FROM VM SOFTWARE, INC. 
Think like a criminal
Sanford Sherizen

If you think that crime doesn’t pay, you haven’t met a computer criminal. Not only can crime pay quite a bit, but increasingly, it is perpetrated by authorized employees.

An excellent way for senior-level executives to protect their organizations from such offenses is to learn how to think like a thief.

The following are some of the ways by which computer criminals, particularly employees who are given access to equipment as part of their work, are committing crimes. These rules will show how criminals think and what companies should look for to prevent these acts.

• Work the odds. As a criminal, understand that while many organizations are required to prevent computer crime, few can recognize it or know how to detect it, how to investigate it or what to do if it happens to them. A computer criminal’s best protection is that the majority of these crimes are found out by chance and that, even if found, most organizations are not willing to press charges. The odds of being able to perform a crime and get away with it are in your favor.

• Know the limits of the law. Find out if your state has a computer crime law and whether anyone has ever been prosecuted under it. Go where the law is the weakest or where public prosecutors are least interested in handling computer crime cases.

• Learn how other criminals avoid detection. To commit a computer crime, you need to know how a particular organization processes its work, what the control weaknesses that allow crimes to occur are and how you can get away with a crime. Your weakest area is probably knowing how to cover your tracks and not leave fingerprints. Remember, do not commit too many crimes; steal small amounts over a long period of time. Continue with your usual lifestyle, and do not buy big, expensive cars or take trips around the world — yet. Choose your confederates in crime carefully. Learn how to be a loyal employee that nobody would suspect.

• Pick your opportunities. You have the advantage as an employee to choose the best time and way to hit a system. Vacation and slack times like the month of December and Friday afternoons are convenient. At these times, employees are under pressure to complete jobs or close the books and little attention will be paid to work as long as it looks almost right.

Also, borrow passwords from co-workers if you can; or better yet, try to get one password for everyone in your office then post it for all to use. That way it becomes difficult to pin any computer discrepancies on you specifically.

• Become known as a computer hater. Most bosses expect computer criminals to be high-tech nerds. Complain about computers and get a reputation as one of the most technophobic people in the office. Refuse to have even a bank automated teller machine card, and then quietly learn all you can about computer applications and get hold of books on computer crimes, hacking and security.

Sherizen is a Natick, Mass.-based information security consultant and criminologist.


• Learn how computers undercut controls. Find out which management controls have been weakened by computerization. Like those who investigate crimes, follow money trails and see if there are opportunities for crime. See what the lack of source documents may mean to you, and discover how electronic mail may provide you with information.

• Test a firm’s defenses by making mistakes. Find out if there is anyone behind the terminal that is electronically watching what you do. One way to discover if there is surveillance is to make mistakes and see what happens. Do not make the same error continually but rather try things periodically that might allow you to change data for your own advantage. If someone contacts you to ask what you are doing, become technophobic and blame the computer. If no one contacts you about your mistakes, continue your testing long enough to gather information. Then stop for a while and prepare yourself for the big hit.

• Try to work for a boss who is afraid of computers. If you happen to have a boss who dislikes technology, you are in luck. If you are stuck with a power user, transfer to a department in which, as long as the system seems to be running, the boss doesn’t bother anyone or check their work.

• Copy information rather than steal money. Understand that information is worth more than traditional forms of property. In other words, steal the data in the computer rather than the computer. Not only is information lighter, but it will also provide you with a bigger monetary payoff. Consider what your company’s competitors are interested in, think about how the information you handle can be used for your own purposes and become more aware of the intangible properties that make today’s businesses run.

AT&T Power Protection Systems:
Your best security against
costly downtime.

• Check how open the company is to countersuits. Consider what the grounds are for protecting yourself in the event of detection.

Take into account whether you have seen a written copy of the company’s computer crime policy or if you have had to sign a statement saying you have been briefed on these procedures.

Are there what the law might consider 
adequate attempts to protect company 
assets and resources? Finally, find out if 
there are sufficient audit trails that estab- 
lish you, and you alone, as the perpetrator 
of the crime. If there are no such safe- 
guards, congratulations! You may be free 
to perform all sorts of criminal acts with- 
out fear of punishment. 

• Be willing to be fired. The chances of being detected are minimal, but sometimes mistakes happen. If you are caught, act penitent, horrified that you could have done such a thing and feign a nervous breakdown. Chances are that management will let you go quietly to save everyone from further embarrassment. Take the money and run.

If the company insists upon the mon- 
ey’s return, try to negotiate. Negotia- 
tions should include the following pros- 
pects: volunteer as an internal consultant 
to help prevent computer crime from hap- 
pening again; return part of the money 
and ask the company to drop the charges 
or you will publicly embarrass it; or tell 
the firm you need a glowing letter of rec- 
ommendation so that you can get another 
job to pay back the money. 

By knowing these rules, you will be 
able to think as a successful computer 
criminal does and protect yourself. By us- 
ing these rules, you won’t have to worry 
about what to do after retirement — con- 
sider movie rights. 





Eliminate the cause of up to 50% of your computer downtime:

Power disturbances, brief 
and imperceptible, cause 
very visible data loss, data 
errors, and equipment 
damage, all resulting in 
costly downtime. 
According to AT&T Bell 
Laboratories and IBM 
research, a typical com- 
puter site experiences as 
many as 135 commercial 
power disturbances a year, 
accounting for up to 50% of 
all computer downtime. 


The protection solution. 
AT&T offers two product
lines to combat these dis- 
turbances: the Uninterrup- 
tible Power System (UPS) 
and the Power Line Condi- 
tioner (PLC). Each effec- 
tively eliminates power 
fluctuations, including 
noise, transients, peaks, 
brownouts, and distortions. 
The difference being that 
the UPS includes a built-in 
battery reserve for protec- 
tion against blackouts. The 
UPS is available in 1, 3,5 
and 10 KVA power ranges. 
The PLC is available in 3, 5 
and 10 KVA models. 


A 50-year advantage.
Why specify AT&T's power protection equipment over that of other manufacturers? Because AT&T has an unmatched 50 years of experience in manufacturing power equipment. And, because AT&T also designs and manufactures computers, we have a unique understanding of what should go into a superior power protection product. For instance, our parallel processing architecture offers reliability few others can provide. It also maximizes cost-efficiency: less power is needed to run our systems, and heat loss is substantially reduced.

AT&T Power Protection Systems
Dept. 203130-LEADS, 555 Union Blvd., Allentown, PA 18103
Please send me more information on UPS and PLC.


Easy does it. 

AT&T UPS and PLC power 
protection systems are easy 
to install, need no operator, 
and require no scheduled 
maintenance. 

Furthermore, AT&T backs 
you with an unequalled 
nationwide service network 
and a 24-hour toll-free 
number for technical ser- 
vice support. 


Fast delivery. 

AT&T is ready to ship from 
stock. Once our Dallas facil- 
ity has your order in-hand, 
we'll have your system 
speeding on its way to your 
Site. 

So for maximum security 
against power disturbances, 
along with low-cost,trouble- 
free performance, call AT&T 
at 1 800 372-2447 or mail 
the coupon below. Let us 
show you how to turn 
expensive downtime into 
productive uptime. 
©1987 ATaT 
Computers seem to have become the pivotal point in corporate disaster recovery planning. Would you agree?

Yes, that’s happened during the past five years. Businesses have begun to recognize their growing dependence on information systems. But it doesn’t mean that disaster recovery is completely a DP issue; that’s a misconception. What may have looked like a DP issue 10 years ago looks more like a business survival issue now, just because of the growth in automation and the growing dependency on information services in all businesses — not just banking and financial services.

A lot of times, information systems are the focal point for disaster recovery planning, and usually, when you start with MIS, you wind up covering most of the critical business functions whether or not they’re automated. That’s a good entry point.

Is there a chance that disaster recovery planning is being oversold by consultants and the rest of the industry?

The marketing can tend to lean too much toward scare tactics and, in that way, can actually be counterproductive. If you overplay any issue, people will not pay attention to it. I also think that although there are many companies selling consultation services and actually writing up plans, these firms don’t have the obvious credibility with senior management that those people who experienced disasters firsthand have. That’s why for years after we had our fire, we had many requests for people to come and talk [to us] about our experience. The fact that we weren’t selling anything didn’t hurt.

Do you think most large companies have the internal resources to handle their own disaster recovery planning? Do you think they might be relying too much on consultants?

I think the most effective approach is to handle disaster recovery planning with your own people. It’s worked well for us. We have one full-time specialist in our organization who handles disaster recovery planning. At her disposal is a contingency coordinator team made up of managers from each of the line units. This team has the responsibility for our entire contingency preparedness program.

When you [create a plan] internally, you get much greater awareness throughout the company about the issues associated with disaster recovery planning. You have an educated base, and you have the line people participating and making decisions about what’s necessary to ensure business survival. You don’t have to pay a lot of money for a consultant [if you write the plan yourself]. It’s cheaper to do it this way. I would even argue that you get a better result. Even the cost of keeping a full-time recovery person is [minimal] when business survival is at stake.

What’s the one message you’d give to those expanding their disaster recovery plans?

Remember that even though the probability of a disaster is very low, the impact is very severe.

FOCUS 9 





ONCE AGAIN, STRATUS CATCHES THE COMPETITION WITH THEIR COMPUTERS DOWN.

It never fails. Every few years Stratus comes out with a new generation of fault-tolerant computers whose price/performance and reliability are a source of astonishment to our market and a source of embarrassment to our competitors.

This year is no exception.

With the introduction of our new XA2000 family, Stratus now offers the best performing, most powerful fault-tolerant computer systems in the world. Systems powerful enough to handle the largest on-line transaction processing applications with the lowest cost per transaction in the industry. Systems with more computing power than ever before, enhancing the performance of what was already the world’s most reliable architecture — hardware-based fault tolerance.

Our new Model 140, for example, can execute over 50 transactions per second. That's more than three times the processing power of a Stratus XA600 — which up till now was the most powerful hardware-based fault-tolerant system you could buy. And if you did buy one, don't worry: all Stratus computer systems, old and new, are completely compatible.

Stratus XA2000 performance becomes even more impressive when you begin adding systems. In fact, you can interconnect thousands of Stratus computers into local and wide area networks for virtually unlimited performance.

Upgrading couldn't be easier. Or faster. Because all you do is add boards. You can even do it while the system is running.

And the unique, “open-ended” architecture of our new XA2000 gives you the flexibility to begin building your foundation now for the more sophisticated applications you'll be running years from now.

Our XA2000 family includes four totally compatible, instantly upgradable computer systems: the Models 110, 120, 130, and 140. Each more powerful than the one before it. And each years ahead of its time in speed, upgradability, reliability, and above all, price/performance.

All this from a company that enjoys the highest level of customer loyalty in the industry: a recent independent survey of some of our customers revealed that 100% of those surveyed would not even consider changing computer companies.

So, for complete information, contact your local Stratus sales office, or call Peter Kastner at (617) 460-2192.

Because you may not see another computer like this until the 21st century.

CONTINUOUS PROCESSING™

Stratus Computer, 55 Fairbanks Boulevard, Marlboro, MA 01752
A measure of desktop success

In the life of every investment, every trial, every pilot program, there comes a moment of truth. Such a moment is rapidly approaching for end-user computing.

The end-user computing industry is approaching the point at which management is waiting to learn how fundamentally valuable this computing concept has proven to be. It would be nice if executives and MIS could look at user budgets, key measurements of output or other quantitative criteria to see if a company is better off. But other factors cloud this comparison, and, more importantly, such an analysis would ignore some of the qualitative benefits that technologists have told organizations to expect. To measure intangible benefits, we must resort to the techniques of observation and judgment.

We must first ensure that our more skeptical colleagues were not correct in predicting that end-user computing would have detrimental effects. There should be no stand-alone use of the technology when centralized techniques are required. There should be no data pollution introducing errors and inaccuracy to valid facts and figures. Nor should there be a proliferation of redundant data, calling into question which set of duplicate numbers is right. There should be no egregious violations of MIS controls and standards that would permit security breaches, loss of resources, hindered migration or restricted integration.

Just because no damage is detected does not mean that end-user computing has necessarily been a success. It is possible that isolated uses of turnkey solutions have merit but that the wholesale promotion of end-user computing programs does not yield broad benefits.

To test the likelihood of this possibility, we will have to draw judgmental conclusions about the impact of end-user computing on organizations. It will be necessary to trust user observations of changes and impacts. We can determine the various degrees of end-user computing’s success through the following sequence of questions:

• Are users utilizing end-user computing techniques? Normally, this is a terrible test because using end-user computing incorrectly can waste time and money and cause damage. However, for programs just getting under way, this is the key initial gauge of progress as well as a prerequisite for eventual payback. In environments in which there are high levels of hierarchical scrutiny, use is even more meaningful because it can indicate that the growing utilization of technology has, at least, passed a potentially rigorous management review.

• How are users utilizing end-user computing? Eventually, ask this more exacting question to measure if the technology is being used beyond its rudimentary functions.

• Have users met initial goals? Failure to accomplish set goals might indicate that users are not serious about making the technology work.

• Have users become more independent? The indicators of independence include increases in inquisitiveness and independent action. Other behaviors to observe include positive responses to basic technology and an increased understanding of technological capabilities.

• Have users become more efficient? In viewing user performance, are there indications that they can accomplish their functions at a lower cost and with fewer resources? Attributing this efficiency exclusively to end-user computing may be as difficult as quantifying specific improvements, but it is one of the longer term predicted effects of the technology.

• Have users become more effective? Have improvements evolved to areas of quality, not just quantity? Has accuracy increased? Are users more knowledgeable about data, its meaning and its possibilities?

• Has end-user computing changed users’ behavior? A final test is to see if personalized computing has altered the way end users work. For the promised potential of end-user computing to come true, jobs should eventually be considerably altered for the better by astute users who see the possibilities that technology can bring.

Each of the previous questions can serve to confirm to management the degree of payback from end-user computing. These questions make up a hierarchy of tests that measure the impact of the technology and show increasingly higher benefits and paybacks. As we ask each question, we can learn that given time, greater benefits can, in fact, come about.

We can’t afford to assume that these benefits will happen automatically. We must take steps to demonstrate current and future benefits at all levels to management and MIS through a methodical, increasingly rigorous analysis.

Young is managing director of MIS for the Wheeler Group, a division of Pitney Bowes in Hartford, Conn.


Still playing the odds with data recovery?

FILESAFE won’t leave it to chance!

The fastest and most versatile VSAM Forward Recovery and CICS Journal Management product available!

CHI/COR’s Total Recovery Planning System (TRPS) is a relational database tool on a personal computer that:

• Makes it easy to enter your data
• Organizes and manages that data more effectively than any word processing system can
• Provides you with an already-documented, detailed action plan
• Makes it easy to maintain your Disaster Recovery Plan as your environment changes.

TRPS is the most advanced disaster recovery planning tool available. It is the only system that effectively addresses the issue of maintaining Disaster Recovery Plans for data center or organization-wide recovery planning programs.

CHI/COR, an established leader in the development of economical and effective Disaster Recovery Plans, has built a complete spectrum of disaster recovery planning services around TRPS.

To find out more, give us a call today to receive your free demonstration diskette.

CHI/COR Information Management, Inc.
10 S. Riverside Plaza, Chicago, IL 60606 • 312/454-9670
6 Landmark Square, Stamford, CT 06901 • 203/359-5639
or sorry.

CA-TOP SECRET™ represents a major advance in MVS and VSE security systems. Its comprehensive scope, exceptional auditing capabilities, intelligent design, ease of implementation and ease of use make it without question the system of choice over anything else available on the market today.

You get total security. And you get total support as well—on-site consulting and on-line HELP—and tutorials when you buy it as part of CA-UNICENTER™, the modular system designed to automate all data center functions. CA-TOP SECRET and CA-UNICENTER—total security within a totally automated data center.

A complete solution and only Computer Associates can deliver it today.

Computer Associates
Software superior by design.™
711 Stewart Avenue
Garden City, N.Y. 11530-4787

For Better Security
The way is CA
Data crime laws passed

Legislation has addressed the world of information processing with two laws that protect users from unauthorized access and computer-related fraud. However, industry observers suggest that these measures are only a beginning.

The Electronic Communications Privacy Act of 1986 extends protection from eavesdropping on mail and telephone communications to include digital data communications such as electronic mail and remote computing.

The act also defines privacy for E-mail storage at off-site locations such as remote processing or time-sharing companies. These third-party rights protect the owner of the information from unauthorized access by government officials or employees of computing service firms.

The Computer Fraud and Abuse Act of 1986 makes it a federal crime to gain unauthorized access to data in any financial institution, federal government or interstate computer.

Crimes in which $1,000 worth of goods, services or dollars are stolen or software is destroyed are felonies with jail sentences of up to five years for the first conviction and 10 years for the second. All unauthorized access to medical data is a felony as well, regardless of price.

One problem with the fraud and abuse act is that unless stolen data is linked to a loss of goods, services or dollars, the theft is considered a misdemeanor, punishable by only one year in prison, says Jerry Marsh, executive vice-president of the computer security division of On-Line Software International, Inc.

To prosecute an alleged crime, Marsh states, the accuser must document the offenders’ actions, placing the burden of proof for an invasion on the owners of the data.

However, the two security acts are a step in the right direction, according to the Data Processing Management Association (DPMA), an organization with nearly 45,000 members. But these documents do not deal with computer crime issues at the state and local levels.

In response, the DPMA has developed a five-part model computer crime act that covers the unauthorized use or access of computer resources, including any information stored on a machine; release of computerized information, copying or use of proprietary computer software and information and modification of computer resources; and denial of access to computer resources.

The DPMA has announced that it will work to identify states with weak computer crime laws and focus its activities on educating legislators and businesses so that laws are improved. Within these activities, the model computer crime act will serve as an educational tool.

Foreign exchange fraud cost VW up to $259 million

Erased and corrupted data reportedly contributed to a foreign exchange fraud that cost Volkswagen AG of West Germany up to $259 million. Company officials say they believe a fraudulent currency contract was created through transactions forged by changing computer programs and erasing data tapes in 1984.

Volkswagen has already filed charges of fraud, breach of trust and forgery against unidentified outsiders. Within VW, Chief Financial Officer Rolf Selowsky resigned in March, six weeks before his contract was to expire. Although Selowsky is not linked to the fraud, he has chosen to claim managerial responsibility.

The company has taken action against several high-ranking employees. Volkswagen has reorganized its finance division, dismissing VW’s foreign exchange manager and suspending both its head of finance and payments and head of money and foreign exchange clearing for managerial failure.

Financially, the fraud has widely affected Volkswagen and the West German marketplace. VW’s stock price dropped 9.2% in the days following the announcement.

Other West German automakers felt similar losses, and

Continued on page 16
Fault-tolerant market to hit $2 billion in ’87

The fault-tolerant market continues to be a two-man fight. Both Marlboro, Mass.-based Stratus Computer, Inc. and Cupertino, Calif.-based Tandem Computers, Inc. have been sparring for some time to dominate the market, with IBM on the edge swinging but unable to land a solid punch.

The fault-tolerant arena is going to get a little more crowded. The traditional make-or-break markets, such as the banking and airline businesses, are now being joined by other industries eager for the extra security of fault-tolerant systems, which, in their basic makeup, contain processors working in parallel that continue to operate after component failures.

“We are predicting the [U.S.] fault-tolerant market will reach $2 billion in 1987 and grow 40% to 50% each year until 1990,” claims Pete Kastner, manager of marketing development at Stratus. “Financial services, the brokerage business, point of sale [POS] and shop floor applications are exploding within business.”

But International Resource Development, Inc., headquartered in Norwalk, Conn., sounds a more cautious note, pegging the U.S. fault-tolerant market at $1 billion this year, climbing to $1.2 billion by 1990.

“There are two big developments now under way in the fault-tolerant market,” says Van Weathers, a director at Dataquest, Inc. in San Jose, Calif. “The first is expansion of target markets, which is bringing in some new vendors, and the second is the pressure being placed on the price/performance ratio. It’s pushing the costs of transactions per second down.”

Expanding markets, Weathers says, are exemplified by such new fault-tolerant frontiers as POS and telecommunications.

“[Illinois Bell] is in the process of developing a system called Networker, which monitors telephone network functions, picks up operator-referred trouble reports, analyzes them and tries to pinpoint the problems,” explains Rich Willer, manager of corporate networks and software support at Illinois Bell in Chicago. “The core of Networker is a [Parallel Computers Co.] fault-tolerant system with built-in battery backup. We can’t have the system go down.”

Willer explains that telephone companies have always, out of necessity, had fault tolerance but not support systems such as Networker built into their switching systems. “Until now, our support systems really haven’t had the transaction volumes, and we only needed to have high availability, not fault tolerance. Increased competition is changing that,” Willer says.

NCR Corp. has pushed fault tolerance into its bread-and-butter market, POS systems. At the same time, NCR is helping push the price curve down further with a series of low-cost, fault-tolerant POS systems in the $25,000 to $45,000 range, a far cry from the top-of-the-line Stratus and Tandem computer systems that can cost more than $1 million.

Tandem, however, has recently introduced a series of low-cost systems of its own, featuring an expandable number of processors.

Larger markets mean bigger competition. Santa Cruz, Calif.-based Parallel Computers is targeting its Unix-based systems at the telecom market as well as niche applications such as law enforcement agencies. New entrant Tolerant Systems, Inc. of San Jose is ambitiously aiming its low-cost systems at banking, telecommunications, manufacturing and the federal government. — SK
Liebert.

Our PC Protection Center combines on-line UPS, line regulation, and surge protection.

Of course, you'd expect this from Liebert—we support thousands of mainframes with computer grade power.

What you might not expect, though, is that this triple protection comes in a 2.3” high package that slides neatly under a PC monitor.

The PC-ET has five switched outlets, all conditioned, three with on-line UPS protection.

The Liebert PC Protection Center will support any PC (Apple, IBM, or compatible) up to and including a fully configured AT...or an IBM Personal System/2 Model 60. Its size and price make it the first practical one-step solution you can offer PC users in your organization.

A solution that's backed by Liebert quality, Liebert technology...and the largest dedicated power service group in the world.

For complete details and specs or to set up a demo at your convenience, just give us a call at 614/888-0246.

In Data Protection.

Liebert


COMPUTERWORLD 





Passwords made safer

A new class of security products has arrived that could radically improve the safety of password systems. These devices assign the user a personal identification number (PIN) every 60 seconds.

Passwords and PINs are the easiest methods of imposing some degree of data security on a system. However, they are also notoriously easy to crack.

Meanwhile, devices that force users to identify themselves via cards or biometric readings are much more secure — and much more expensive. They also require that user terminals be equipped with special hardware.

Now, however, a new kind of personal access device (PAD) has come to market. It consists of a pseudorandom number generator and a security system running on the host computer and other pseudorandom number generators in the possession of authorized users.

The host generator and the user generators are running the same algorithm, and both are running on the same clock. In other words, both the host’s and user’s systems are producing a new, unpredictable number every minute. But, it is the same unpredictable number for both of them.

Denied access

Users can then dial up the system on any terminal or personal computer they like. To access the system, though, they have to type in the PIN being shown, at that minute, on their generator. If that PIN does not match the number generated at the very same minute by the host, access is denied.

Several products utilizing this principle have come to market — many of them the results of strategic alliances with one company, United Software Security, Inc., headquartered in McLean, Va.

Among other things, United Software Security sells Padpath, software that provides this kind of pseudorandom number access to IBM mainframes’ security facility software, ACF2.

Currently, users can buy Padpath either alone or in association with proprietary hardware PADs from three different companies. United Software Security also sells Lazerlock, a small, hand-held user PAD. Another Padpath-equipped device is Confidant, from San Jose, Calif.-based Atalla Corp. This PAD is, in fact, a small calculator.

And, finally, Security Dynamics, Inc., located in Cambridge, Mass., recently introduced a smart card equipped with Padpath (see story page 52). — MT
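The host/device scheme described above, as an added example in Python; it is not code from the article or from Padpath, Lazerlock or Confidant. The article does not name the generator algorithm, so this assumes an HMAC-SHA256 keyed by a seed shared at enrolment, applied to the 60-second interval number; the seed, timestamps and user names are constructed. It goes one step beyond the article in two ways a host implementer needs: it tolerates one minute of clock skew between device and host, and it refuses a PIN that is presented a second time within its minute.

```python
"""Time-synchronized one-time PIN: host and user device share a seed and a
clock, so each minute both compute the same otherwise unpredictable number.

Added illustration, not the article's or any vendor's code. ASSUMPTION: the
generator is HMAC-SHA256 over the interval index (the article does not say
which pseudorandom algorithm the products use).
"""
import hashlib
import hmac
import struct

INTERVAL_SECONDS = 60   # the article's "new number every minute"
PIN_DIGITS = 6          # assumed display width of the hand-held device


def current_interval(unix_time: int) -> int:
    """Both sides run on the same clock, so both derive the same index."""
    return unix_time // INTERVAL_SECONDS


def generate_pin(seed: bytes, interval: int) -> str:
    """PIN for one 60-second interval; without the seed it is unpredictable,
    with it host and device compute the identical value."""
    msg = struct.pack(">Q", interval)                 # 8-byte counter
    digest = hmac.new(seed, msg, hashlib.sha256).digest()
    value = int.from_bytes(digest[:4], "big") % (10 ** PIN_DIGITS)
    return f"{value:0{PIN_DIGITS}d}"


class Host:
    """Host-side security system holding each enrolled user's seed."""

    def __init__(self, skew_intervals: int = 1):
        self._seeds: dict[str, bytes] = {}
        self._last_used: dict[str, int] = {}
        # Real clocks drift: also accept the neighbouring intervals.
        self.skew_intervals = skew_intervals

    def enrol(self, user: str, seed: bytes) -> None:
        self._seeds[user] = seed

    def verify(self, user: str, pin: str, unix_time: int) -> bool:
        seed = self._seeds.get(user)
        if seed is None:
            return False                              # unknown user: deny
        now = current_interval(unix_time)
        lo, hi = now - self.skew_intervals, now + self.skew_intervals
        for interval in range(lo, hi + 1):
            # constant-time compare: timing must not reveal matching digits
            if hmac.compare_digest(generate_pin(seed, interval), pin):
                # one use per interval: a PIN captured on the wire and
                # replayed within its minute is refused
                if self._last_used.get(user, -1) >= interval:
                    return False
                self._last_used[user] = interval
                return True
        return False


class UserDevice:
    """Hand-held generator: shows the PIN for the current minute."""

    def __init__(self, seed: bytes):
        self._seed = seed

    def display(self, unix_time: int) -> str:
        return generate_pin(self._seed, current_interval(unix_time))


def demo() -> dict:
    """The article's scenario with a constructed seed and constructed times."""
    seed = b"constructed-demo-seed-not-a-real-secret"
    host = Host()
    host.enrol("alice", seed)
    device = UserDevice(seed)
    t = 1_000_000_000                                  # constructed timestamp
    pin_now = device.display(t)
    return {
        "accepted_now": host.verify("alice", pin_now, t),
        "replay_refused": host.verify("alice", pin_now, t + 5),
        "stale_refused": host.verify("alice", pin_now, t + 10 * INTERVAL_SECONDS),
        "unknown_user_refused": host.verify("bob", pin_now, t),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```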
Data Physician treats viruses

Imagine the shock of seeing text, perhaps hours of work, oozing off the computer screen. At Apollo Computer, Inc., this occurrence is a rite of initiation for new employees, two engineers explain. The culprit is a program called Melt, which gives the appearance that the screen is melting away even though the data remains unharmed, the engineers say. It is a good practical joke.

However, some software has frightening effects that are more than just appearances; they are tools of software sabotage. Known as viruses, worms or logic bombs, these small strings of code either destroy or corrupt electronic data.

“Generally, only a small amount of code is needed to destroy software,” says Barbara Hansen, president of Minneapolis-based Digital Dispatch, Inc., a software development firm. The virus checks for the time or other conditions, and when the proper conditions exist, she says, “the virus comes into play, wiping out data or scrambling disks.”

A major problem for systems managers is that creating viruses is simple. “Anyone who has the wherewithal can do it,” Hansen asserts. “It doesn’t take much time, and it doesn’t take a lot of intelligence.” Thus, disgruntled employees have an easy form of revenge at their fingertips.

At the same time, searching for the minute defective code is akin to looking for a needle in a haystack. The problem is often compounded by the fact that the virus can come into a system through external means, such as electronic bulletin boards or micro-to-mainframe links, which are hard to track.

Disastrous results

The consequences of these viruses can be disastrous. In early 1985, a time-sensitive logic bomb froze all the internal files residing on an IBM mainframe at the Los Angeles department of water and power. The department did not have to curtail its utilities services, but it had to bring the IBM machine down for a week to remove the bad code, Hansen recalls.

While the incident was a source of frustration for the utilities department, it was inspiration for the engineers at Digital Dispatch. “After reading about the L.A. logic bomb, we felt there was a need to develop a product that would catch the virus before it activated,” according to Hansen.

In 1985, the firm introduced Data Physician, a $49.95 package for PCs that reportedly locates and helps remove viruses. When the PC boots up, the product works by monitoring files that have been listed by the user, Hansen explains. If the file is corrupted, Data Physician gives the operator the option to back up the original.

One weakness of Data Physician is that the waiting time for the file check is noticeable, Hansen says. The company plans to offer a second virus-checking package that skirts this problem, however. “The software will be attached to the front end of each file so that it checks the file every time it’s used,” she says.

Beyond Digital Dispatch’s products, users have few commercially available alternatives.

Instead, managers need to monitor and regulate the use of their computer systems. “The best thing to do is limit the software that users can introduce to the system,” says Sanford Sherizen, president of Data Security Systems, Inc., a Natick, Mass.-based consultancy.

Managers should also restrict who can make changes to the software and who can sign on, he says. — RH

Feds look to secure ports through Tempest

The Tempest security program has been in existence now for more than a decade and is enjoying its best business ever. Top U.S. computer manufacturers such as IBM, Digital Equipment Corp. and Wang Laboratories, Inc. have been offering Tempest-certified workstations for several years, spending a great deal of time and money shielding their equipment in order for their computers to undergo extensive National Security Agency testing before they are stamped Tempest-approved and placed on the government’s Preferred Products List.

Who buys these machines? Russ Aldrich, manager of Communications and Special Systems at San Jose, Calif.-based Altos Computer Systems, Inc., one of the newer Tempest vendors on the block, says there are a number of government agencies that handle classified information and require Tempest equipment. Users include such heavyweights as the Department of Defense, the Federal Bureau of Investigation and the Central Intelligence Agency.

“[Altos] thinks that the U.S. Tempest market will triple in the next three to five years,” Aldrich claims. “Tempest only represents one of three primary hardware security options now available. There are also embedded computer systems that go into ships and airplanes and electromagnetic pulse [EMP] systems, also called EMP-hardened systems, that are geared to withstand indirect nuclear blasts. While EMP systems prevent radiation from coming into the systems, Tempest keeps radiation emissions from getting out.”

Computers meet politics

The Tempest process involves eliminating electromagnetic emissions (usually through lead shielding), produced by all automatic data processing equipment, that could be illegally monitored and deciphered. Tempest is one nexus where computers, politics and espionage meet. Security also has a price. Aldrich says that Tempest-certifying a system will roughly double its final price. It can also take a vendor years to produce a machine that, in the end, might not pass strict government Tempest testing, a process that can take up to three months.

“But Tempest spin-offs, especially in software, are opening new markets,” Aldrich says. “A government-designated security measure called C2, which is built into software and provides a lower level of user access security, is already getting a good deal of attention from private industry.”

Software security, such as C2, which Aldrich says will show up in commercial products within a year and a half, and its more stringent security relative, B1, are set forth by the U.S. government in accordance with criteria in the Trusted Computer Criteria. This volume of criteria is issued by the Defense Department’s National Computer Security Center.

Could Tempest eventually invade the commercial sector?

“If you consider Tempest as just one of several possible security measures a company could look at, then Tempest could make some individual sales,” says Ed Clough, associate manager of public relations at Wang.

Meanwhile, the number of Tempest vendors whose products are listed on the U.S. government’s Preferred Products List is growing.

Systematics General Corp. of Sterling, Va., has used Apple Computer, Inc.’s Macintosh
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Lock or shred your 
data cares away 


Most vendors and users think of 
data security in terms of elec- 
tronic security. But, the physical 
protection of data that is in the 
form of paper or magnetic media 
can be every bit as important and 
far more difficult. MIS is paying 
increased attention to physical 
defense measures — safes and 
vaults that secure data and 
shredders that destroy data. 

Buying such devices is not 
easy. Data safes, for instance, 
are not just born-again bank 
vaults converted to data storage. 
The protection of data is a very 
different thing from the protec- 
tion of money. A coin, for in- 
stance, is not likely to suffer de- 
struction because of humidity or 
magnetic fields. 

Even fireproof safes, which 
were designed to protect paper 
records, are not necessarily 
what a firm needs. Paper is much 
tougher than disks or tapes. 
While paper will easily survive 
temperatures of 350 degrees 
Fahrenheit, most magnetic me- 
dia will melt at 125°F to 150°F. 
Likewise, paper can stand high 
levels of humidity, but magnetic 
media perishes in the area of 
80% to 85% humidity. 

When purchasing a data safe, 
MIS officers should, therefore, 
make certain it meets the Un- 
derwriters Laboratories, Inc. 
(UL) standards for the protec- 
tion of magnetic media. The lev- 
el of protection required for the 
protection of diskettes is UL 
Class 125. 

Underwriters Laboratories 
tests safes by locking them and 
placing them in a furnace. The 
furnace is then fired to 1,700°F 
and left on for one hour or more, 
depending on the type of safe. 
Next, the furnace is switched off, 
and the safe is allowed to cool, in 
the oven, for a period of 45 
hours. If, during that time, the 
internal temperature of the safe 
exceeds 125°F or the humidity 
exceeds 80%, then it is not 
awarded UL Class 125 status. 

Several firms market safes at 
UL Class 125 or above. Schwab 
Safe Co., in Lafayette, Ind., of- 
fers a line of data safes ranging 
from desk-side models to The 
Monster, a strongbox nearly the 
size of a bank vault. 

However, along with ponder- 
ing the protection of data, MIS 
should also think about the de- 
struction of data. In an age of 
disk drives and high-speed print- 


computer to produce a Tempest- 
certified desktop publishing sys- 
tem; VCA Corp. of Reston, Va., 
has introduced a Tempest-ap- 
proved § supermicrocomputer 
that runs Unix; and Convex 
Computer Corp. of Richardson, 


ers, industrial espionage can be 
nothing more complex than the 
theft of a disk or printout. 

MIS officers must, therefore, 
include in their data security cal- 
culations shredders and other 
devices that prevent wastepaper 
from falling into the wrong 
hands. Fortunately, there is an 
entire shredder industry eager 
to be of service. 

Things to consider when buy- 
ing a shredder include the sort of 
media you want to destroy and 
how completely it must be ren- 
dered unreadable. If you are only 
dealing with single sheets of sen- 
sitive, but not critical, material, a 
desktop shredder may be all you 
need. But, if you must destroy 
whole printouts, microfilm, mag- 
netic media or even printed-cir- 
cuit boards, you will need indus- 
trial facilities. 

MIS will also need to consider 
how completely it needs waste 
broken apart. A simple shredder, 
which reduces a document to a 
collection of strips, is inexpen- 
sive and effective, but it may not 
be totally secure. A sufficiently 
dedicated enemy can paste to- 
gether the strips. 


Reduced to powder 

If your data is particularly sensi- 
tive, you may wish to invest ina 
device that reduces paper or oth- 
er media to a fine powder. One 
firm that makes such machines is 
Security Engineered Machinery, 
Inc. (SEM) in Westboro, Mass. 
This company markets devices 
known as “‘disintegrators.”’ 

An SEM disintegrator con- 
tains a cutting chamber in which 
paper, reels of microfilm, mag- 
netic tape, floppies and the like 
are ground apart by rotating 
blades. The waste fragments 
only leave the chamber when 
they are small enough to be 
drawn through a wire mesh — 
the size of which can be varied 
depending on your security re- 
quirements. 

SEM machines can be used to 
destroy just about any piece of 
paper, plastic or soft metal that 
can pose a security problem. The 
disintegrators will even swallow 
typewriter ribbon and circuit 
boards. Currently, most of 
SEM’s customers are govern- 
ment agencies, government con- 
tractors and American diplomat- 
ic services, which have 
disintegrators in U.S. embassies 
around the world. — MT 


Texas, has announced a Tem- 
pest variant of its C-1 supercom- 
puter. 

In the communications area, 
Wang and other companies are 
working on Tempest-secured lo- 
cal-area networks. — SK 
The security of securities

Electronic stock exchanges may make fraud harder to detect

International currency, stock, bond and future exchanges have gone electronic with a passion in the last few years. Increasingly, the business of securities exchange has become a high-tech operation involving computers, data links and other aspects of an information-based industry.

In the process, though, the international securities trade may be becoming increasingly insecure. Some analysts worry that a few thieves could exploit the sheer speed and flexibility of global trading to conceal fraud on a vast scale.

“What concerns me most is 24-hour trading,” says Jack Bologna, president of Computer Protection Systems, Inc., security consultants. He notes that some stock exchanges are now trading 24 hours a day. This is to the exchanges’ advantage because it lets them woo customers in every time zone on the globe.

But, Bologna says, this situation also means there is no time when the exchanges are forced to shut down and take account of what has occurred that day. “Huge amounts of fraud and embezzlement could be disguised as daily float, for instance,” he says.

Yet this scenario does not even begin to address the problems securities dealers have when they attempt to keep their data and communications lines free from unwanted listeners.

Some industry observers now believe that the only route to security is for the stock exchanges themselves to become guardians of securities transactions.

For instance, one of the most automated exchanges in the world is the Cincinnati Stock Exchange. It is a little-known but vigorous exchange, gradually stealing business from both the American and New York stock exchanges.

Its setup is completely computerized. It has no trading floor, no human brokers, no ticker tape machines or big board. Instead, the operation consists of a vast room filled with fault-tolerant computers. Dealers and brokers, sitting in the comfort of their offices across the country or the world, trade via electronic links.

“You can’t break in, at least, not via dial-up access,” notes Cincinnati Exchange President K. Richard B. Niehoff. Member brokers are connected through dedicated lines. And, he says, “There’s no traffic on them but ours.” The data on those lines is encrypted via an algorithm that is probably proprietary to the exchange, but even that data is classified.

“Of course, someone could walk into one of our members’ offices, sit down at a terminal and start making trades,” Niehoff says. “But that’s rather easy to detect. A stranger doesn’t drop in off the street without attracting some attention.”

He notes that while these sorts of precautions won’t eliminate the possibility of fraud, they can reduce it to manageable levels. He notes, for instance, that the exchanges know their members and know when someone who isn’t a member is getting into the system.

Still, precautions work only when the exchanges are willing to take them. MIS already knows too well the long and bitter struggle to enforce even basic levels of security on far less vital information.

Ultimately, though, the computerization of stock exchanges is probably unstoppable. The software developed by the Cincinnati exchange is being widely remarketed in Europe. Meanwhile, those exchanges that have already gone electronic have been roaring successes and ghost towns overnight. “If you look at the London exchange,” Niehoff notes, “you’ll see the floor has become just about empty.” — MT





the Commerzbank index dropped 28.3 points.

Prices have since begun rising. However, the fraud will have longer term effects on Volkswagen; the controversy has put a hold on West German government denationalization plans to sell its shares of VW stock.





COMPUTERWORLD 




U.S. fears foreign powers will access public data

Former National Security Adviser John Poindexter’s “sensitive but unclassified” directive, which gave the government power to monitor and censor private data bases, was rescinded in March. However, the U.S. administration is still concerned about foreign access to public information.

This fear stems from such data as that gathered in a 1985 status report from the National Telecommunications and Information Systems Security Committee. That report quoted KGB defector Vladimar Sakarov as stating that “the KGB routinely accesses credit agency data bases in order to find persons working in defense industries who are in serious debt.”

The implication is that people in debt would be the most willing to trade national secrets for cash with the KGB, the Soviet secret police and intelligence agency.

The Soviet Union as well as other countries continue to have access to these data bases, in part because Poindexter’s directive was rescinded. Businesses, legal experts and the administration agree that the directive had to be repealed because it overstepped the boundaries of power set by the U.S. Constitution.

However, the rescission of Poindexter’s directive has sent government security officials back to the drawing board to try and determine a means of protecting this type of information from foreign governments.

News section compiled by Computerworld Focus staff members Stan Kolodziej, Michael Teer and Rebecca Hurst.
PRODUCT ANALYSIS

Security in the first degree

BY MICHAEL TUCKER

Tucker is Computerworld Focus’s features editor.

For a while, data security was a relatively simple problem with a relatively simple cure. MIS just took the mainframe, plus the assorted tapes that ran on it, and locked it all in the data center. For a slight additional investment, MIS could even obtain an intelligent user authorization subsystem — an armed security guard.

Then came distributed processing, global networking and the personal computer with attached modem. Suddenly, data security became infinitely more complex. Sensitive information could now be accessed by any number of systems scattered across any number of locations using any number of different communications lines.

“With every new product release, you get problems,” explains Steve Josselyn, a senior analyst with consultancy International Data Corp., located in Framingham, Mass. “Technology is just running so fast that the ways to secure things haven’t kept up.”

Happily for MIS managers, however, several security options are becoming available. They range from sophisticated encryption algorithms to biometric user identification devices. Data security specialists say that matching the right solution to the right problem is now the second greatest data security challenge for MIS.

The most pressing challenge, the security experts say, is making upper level, non-data processing management aware that the problem exists.

Ultimately, the choice of security apparatus depends on how sensitive the information is. If the data is of relatively little value, the system is a centralized machine, users are almost entirely on in-house terminals and security requirements are small, then a simple password system with multiple levels of access is all a company needs.

However, recommending passwords is next to saying the company will have no security system at all. Password systems are like white picket fences and “Keep Off the Grass” signs; they depend on the cooperation of the very people they are supposed to restrain.

Many MIS people report that their biggest concern is not hackers, but legitimate users who wander into places where they’re not supposed to be. “We just can’t afford unrestricted connectivity,” says one MIS officer at a Wall Street investment firm. “End users can mess up data files — maybe even their own pay records — by accident. After we point out that bit about payroll, we get lots of cooperation from end users.”

For some situations, passwords are quite workable. But MIS should never lose sight of just how insecure passwords really are, particularly if the system involved has the slightest capacity for dial-up access.

“People will insist on using a password that’s taken from the dictionary,” warns John Carroll, a professor and a specialist in data security at the University of Western Ontario in London, Ontario.


FOCUS 17 





“There are programs available that dial up the system repeatedly, trying every word in the dictionary, until finally they get it in. It may take days, but, ultimately, they crack the system,” he says.

Carroll notes that fairly easy measures can increase password effectiveness dramatically, such as using upper- and lowercase in the password rather than just simple ASCII characters.
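What Carroll’s dictionary-guessing programs look like from the host’s side, as an added detection example that is not from the article or any vendor it names: the routine scans constructed dial-up login log lines (the format is invented for this example) and flags any account that accumulates more than a handful of failures within a short window, noting whether a successful login followed the burst.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of a dial-up host's login log (not from any real system).
# One line per attempt: timestamp, modem port, account name, outcome.
SAMPLE_LOG = """\
1987-06-02 02:10:05 port=3 user=jsmith result=FAIL
1987-06-02 02:10:11 port=3 user=jsmith result=FAIL
1987-06-02 02:10:17 port=3 user=jsmith result=FAIL
1987-06-02 02:10:24 port=3 user=jsmith result=FAIL
1987-06-02 02:10:30 port=3 user=jsmith result=FAIL
1987-06-02 02:10:37 port=3 user=jsmith result=FAIL
1987-06-02 02:10:44 port=3 user=jsmith result=OK
1987-06-02 08:31:02 port=1 user=mjones result=FAIL
1987-06-02 08:31:40 port=1 user=mjones result=OK
1987-06-02 09:02:13 port=2 user=rhurst result=OK
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"port=(?P<port>\d+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$"
)


def parse_log(text):
    """Yield (timestamp, port, user, result) tuples, skipping malformed lines."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield (datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
                   m["port"], m["user"], m["result"])


def detect_guessing(text, max_failures=5, window=timedelta(minutes=10)):
    """Return alert records, one per (user, port) that exceeded the threshold.

    An alert fires the first time more than `max_failures` failed logins for
    the same account on the same port fall inside one `window`-long span.
    A modem program walking through a dictionary produces exactly that
    pattern; a human mistyping a password does not.
    """
    recent = defaultdict(deque)   # (user, port) -> timestamps of recent failures
    alerts = {}
    for ts, port, user, result in parse_log(text):
        key = (user, port)
        if result == "OK":
            # A success right after a burst of failures may mean a guess hit.
            if key in alerts:
                alerts[key]["succeeded_after"] = ts
            recent[key].clear()
            continue
        q = recent[key]
        q.append(ts)
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) > max_failures and key not in alerts:
            alerts[key] = {"user": user, "port": port, "failures": len(q),
                           "first": q[0], "last": q[-1], "succeeded_after": None}
    return [alerts[k] for k in sorted(alerts)]


if __name__ == "__main__":
    for a in detect_guessing(SAMPLE_LOG):
        print(f"{a['user']} on port {a['port']}: {a['failures']} failures "
              f"between {a['first']} and {a['last']}; "
              f"success afterwards: {a['succeeded_after']}")
```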

MIS can also increase the security of its systems by investing in products that allow greater management of dial-up access. Telco Systems Corp., headquartered in Natick, Mass., offers a product known as the Network Administrator. Running on a PC, the product can enforce password use, keep a complete audit trail of network traffic, yield a call-back function and provide for encryption. The company says that a Network Administrator-governed network can be installed for less than $1,000 per host port.

Dialing for dollars

Once people access the mainframe by phone, MIS’s security problems are vastly increased. Few, if any, means of communication are easier for a dedicated thief to tap than the telephone line.

But there is no guarantee of safety even if, by some miracle, MIS manages to enforce a ban on dial-up access. If a machine is doing any sort of networking at all, MIS can usually assume that somewhere along the line there is going to be a
choose offerings from independent organizations.

DES has been the security algorithm for almost a decade. It is so hard to crack that it was adopted by the supersecret NSA as well as the American banking community. Today, most encryption products on the market make use of DES in one form or another.

However, the future of DES is unclear. The NSA recently announced that it had qualms about DES and that it was working on its own set of algorithms. These new, more secure algorithms would remain the property of the NSA, but the government would make them available to developers in the form of sealed chips. Vendors could then integrate these chips into their systems.

DES users and vendors objected to this course of events. The American Bankers Association, for instance, led the fight to give DES a stay of execution. After a brief but energetic contest, the government agreed that DES will continue to be a standard in the commercial world. However, the NSA will also continue work on its own set of devices for use in national security applications.

Meanwhile, MIS can exploit DES. No matter what its eventual fate, DES remains one of the most secure encryption methods. To date, no one has reportedly broken it.

DES-based systems are widely available, usually directly from large hardware vendors. Most computer makers offer DES encryption as an option on their boxes. A number of third parties offer it as well. Ideassociates, Inc. in Billerica, Mass., for example, offers Disket 2 Plus, a removable hard disk with DES encryption for the PC. When the disk is not in use, a user can simply remove it from a machine and lock it in a safe. If the disk is stolen, the data still cannot be read without a key. Disket 2 Plus is priced at $3,595.

In the event that MIS does share some of the NSA’s concern about DES, it can either write its own encryption algorithm or go to an independent supplier such as RSA Data Security, Inc. in Redwood City, Calif. “We are the only private competitor to the NSA as a supplier of cryptographic algorithms,” claims D. James Bidzos, RSA’s vice-president.

An algorithm alternative

The heart of RSA’s product offerings is the RSA algorithm, named after company founders Ronald Rivest, Adi Shamir and Leonard Adleman, who developed it while they were professors at MIT in 1977. In some ways, RSA is actually more secure than DES itself. For example, RSA allows the data recipient to verify the sender via special data “envelopes.”
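An added illustration of the sender verification the article attributes to RSA envelopes (example code written here, not RSA Data Security’s Mailsafe or any product on the page): the sender signs a digest of the message with the private exponent, and the recipient recovers that digest with the matching public key, so a tampered message or a signature from a different sender’s key fails the check. The Mersenne primes and the reduce-modulo-n step are toy choices made for readability; a deployed scheme uses far larger primes and a padding standard instead.

```python
import hashlib

# Toy parameters: two Mersenne primes, 2^61-1 and 2^89-1. Far too small for
# real use; chosen only so the arithmetic is visibly RSA. (Constructed values.)
P = 2**61 - 1
Q = 2**89 - 1
E = 65537


def make_keypair(p=P, q=Q, e=E):
    """Return ((n, e), (n, d)): the public and private halves of one key."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent: inverse of e mod phi (Python 3.8+)
    return (n, e), (n, d)


def _digest_mod_n(message: bytes, n: int) -> int:
    # Hash the whole message so the signature covers every byte, then reduce
    # into the RSA modulus. A real scheme pads the hash (PKCS#1) rather than
    # reducing it; the reduction is a simplification for this illustration.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def seal(message: bytes, private) -> int:
    """Sender side: sign the message digest with the private exponent."""
    n, d = private
    return pow(_digest_mod_n(message, n), d, n)


def open_envelope(message: bytes, signature: int, public) -> bool:
    """Recipient side: undo the signature with the sender's public key and
    compare against a fresh digest of what was received."""
    n, e = public
    return pow(signature, e, n) == _digest_mod_n(message, n)


if __name__ == "__main__":
    public, private = make_keypair()
    msg = b"transfer 1000 to account 42"      # constructed sample message
    sig = seal(msg, private)
    print("genuine message verifies:", open_envelope(msg, sig, public))
    print("altered message verifies:", open_envelope(b"transfer 9000 to account 42", sig, public))
```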

Currently, RSA licenses its algorithms to both hardware and software vendors. Otherwise, a company can purchase it directly from RSA in such products as Mailsafe, a PC-based product that costs $250.

If a company requires further data security, it can try to control user access. In practice, this control usually translates into a system whereby users receive a unique personal identification number (PIN), ID card or the like without which they cannot access host data. The classic example of this security arrangement is the automatic teller machine, which prevents transactions without the user presenting both a PIN (in the form of a password) and a bank card.

Requiring PINs is an inexpensive and easy way of beefing up security. Unfortunately, because PINs are only upgrades of traditional passwords, they can also be insecure. Therefore, most vendors combine PINs with some sort of hardware users must attach to their systems or terminals.

For example, Leemah Datacom Security Corp., located in Hayward, Calif., offers the Traqnet Secure Call-In Device (SCID), which brings a hardware/PIN combination to dial-up networks. When a Leemah product, Traqnet 2000, is installed on the host, an end user must have a Traqnet SCID and a PIN to gain access. The user dials in the PIN, and the 2000 identifies the number and sends back a challenge code. The SCID then returns a DES-encrypted response. If everything matches, the user can access the system.
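The exchange described above, as an added example that is not Leemah’s code: the host answers a PIN with a random challenge, the device returns a keyed response, and the host retires each challenge after one verification, so a response recorded off the phone line cannot be replayed later. HMAC-SHA256 from Python’s standard library stands in for the DES encryption the page describes, because the standard library has no DES; the class names are invented for this example.

```python
import hashlib
import hmac
import secrets


class SecureCallInDevice:
    """The token in the caller's hands (stand-in for a Traqnet SCID)."""

    def __init__(self, pin: str, secret: bytes):
        self.pin = pin
        self._secret = secret            # shared with the host at enrolment

    def answer(self, challenge: bytes) -> bytes:
        # HMAC-SHA256 replaces the DES-encrypted reply of the real product.
        return hmac.new(self._secret, challenge, hashlib.sha256).digest()


class HostGuard:
    """The host-side box (stand-in for the Traqnet 2000)."""

    def __init__(self):
        self._keys = {}                  # PIN -> device secret
        self._pending = {}               # PIN -> challenge awaiting an answer

    def enrol(self, pin: str, secret: bytes) -> None:
        self._keys[pin] = secret

    def challenge(self, pin: str):
        """Step 1: the caller sends a PIN; the host replies with a fresh random challenge."""
        if pin not in self._keys:
            return None                  # unknown PIN: no challenge, no hint
        nonce = secrets.token_bytes(16)
        self._pending[pin] = nonce       # a newer challenge supersedes an older one
        return nonce

    def verify(self, pin: str, response: bytes) -> bool:
        """Step 2: check the device's reply; the challenge is consumed either way."""
        nonce = self._pending.pop(pin, None)
        if nonce is None:
            return False                 # nothing outstanding: a replay or out-of-order reply
        expected = hmac.new(self._keys[pin], nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def login(host: HostGuard, device: SecureCallInDevice) -> bool:
    """One complete dial-in exchange, as the caller experiences it."""
    nonce = host.challenge(device.pin)
    if nonce is None:
        return False
    return host.verify(device.pin, device.answer(nonce))


if __name__ == "__main__":
    host = HostGuard()
    key = secrets.token_bytes(32)        # constructed enrolment secret
    host.enrol("1234", key)
    print("enrolled device:", login(host, SecureCallInDevice("1234", key)))
    print("wrong secret:   ", login(host, SecureCallInDevice("1234", b"x" * 32)))
```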

Meanwhile, the hardware user ID devices getting the most attention right now may be smart cards and smart card readers. Smart cards are similar to credit cards except that they contain a considerable chunk of information about the user.

Some smart cards contain a small microprocessor plus attached read-only memory. However, there are other technologies vying for the smart card role. Drexler Technology Corp. in Mountain View, Calif., has been promoting Lasercard, an optical memory card system.

In an age when communications managers will use multiple channels of communication — routing data around failed nodes or switching carriers at a moment’s notice to take advantage of reduced prices elsewhere — networks leak like sieves.

There is, however, one common drawback to passwords, PINs, smart cards and encryption keys: They can be stolen.

If a company’s data is very important, the firm may wish to investigate biometric ID devices. These machines identify users by some physical feature that is almost impossible to duplicate, such as fingerprints or voice patterns. “Generally speaking, the best solution is something that’s personally unique to the user,” says Jack Bologna, president of security consulting agency Computer Protection Systems, Inc. “Something that is part of the user is about as personally unique as you can get. Some of the experts talk about biometric devices as being the ultimate in user access control.”

At the moment, biometric ID devices have their share of development problems. All but the highest end systems, for example, suffer from high error rates. Bologna thinks it will be five years before “biometric devices are tolerably perfected. I think a 90% to 95% recognition rate is about the best we’re going to manage.”

Still, for the MIS officer whose data simply must not be stolen, biometrics hardware may be the best bet. A number of companies currently offer systems that might be either directly attached to user workstations or merely used to keep unauthorized personnel out of DP areas.

Fingerprint recognition systems can be obtained from vendors such as Fingermatrix, Inc., of N. White Plains, N.Y., and Identix, Inc., of Palo Alto, Calif. Each firm provides terminals that can quickly identify users by comparing an electronic reading of a user’s fingertips with a template stored in a system memory. The Fingermatrix product costs $3,500, while the Identix product costs $5,000. Identix is working on a version of its product that would fit into a PC’s expansion slot.

Another biometric approach is retinal identification. Eyedentify, Inc. in Beaverton, Ore., offers a series of devices that scan a user’s eye with an infrared light and attempt to match the pattern of blood vessels in the individual’s retina with a stored image. Eyedentify’s systems are very high end; they cost between $6,000 and $7,000 and are very secure.

It is thus possible to use a combination of PINs, cards, encryption and biometrics to produce a security system that would put Fort Knox to shame.

But if that system is not matched by a commitment to security on the part of upper level management, it will be totally useless. “Let’s assume you have a secure system,” explains Charles E. Perkins, security supervising consultant with Baltimore-based Coopers & Lybrand. “What do you [the business executive] do with the data? Well, you print it out. Then, you stick it into an interoffice envelope that is secured with nothing more than a string, and you hand it to a mail clerk who’s paid the princely sum of $3.50 an hour.”

His point is simply that data security is not, strictly speaking, an MIS problem. It is a corporate problem. The theft of data is, in the end, no different than the theft of any other company asset. “Senior management is only now becoming aware of the fact that they’ve got a strategic asset in data,” Perkins notes.

The challenge for MIS is to make the security issue clear to employers who, through simple carelessness, may be the far greater threat to data than whole armies of hackers. But, Perkins admits, “it’s a tough sell.”
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SECURITY 
MANAGEMENT STRATEGIES 


A new 


vigilance 


Security has piqued 
the interest of MIS 
and management at all levels 


BY STAN KOLODZIEJ 


s if MIS managers don’t have enough work dealing with applica- 


tions backlogs, fielding user complaints and grooming them- 


selves to become chief information officers, they must also 


shoulder the growing chore of computer security. 


Safeguarding systems is no mean task. Computer security runs the gamut 


from individual passwords and data access controls to multimillion-dollar 


disaster recovery plans. MIS has done its homework 
throughout the past decade trying hard to convince 
senior-level management in corporations that secur- 
ing the data center is not just important to their busi- 
nesses — it is critical. 

“The selling job is paying off,” explains Charles 
Perkins, a supervising consultant with the Manage- 
ment Consulting Services division of Coopers & Ly- 
brand, located in Baltimore. ‘More businesses have 
become aware of just how dependent they are now on 
the computer. If the computer is not the brains, it is 
certainly the heart of most corporations. As the com- 
puter goes, so does the business. It’s given a sense of 
vulnerability to a lot of companies.” 

That sense of vulnerability, combined with some 
recent, well-publicized computer-related disasters, 
has drawn more senior managers into the security 
picture. 

“That whole attitude — upper management tell- 
ing MIS they really don’t know what MIS is doing and 
don’t want to know as long as the reports are getting 
out — has changed,” says Jack Bologna, president of 
Computer Protection Systems, Inc., in Plymouth, 
Mich. “‘It’s too important now not to know about the 
data processing side.” 

Senior management’s attitudes toward security 


Kolodziej is Computerworld Focus’s senior editor. 


are changing, agrees Jim Finch, president of Cerberus 
Computer Security, Inc., a Toronto data security con- 
sulting firm. “Each year, top management seems to 
become a year younger as a new generation comes in. 
I wouldn’t say that the new generation is obsessed 
with security, but they are probably much more com- 
puter literate. And in that computer literacy, one of 
the slots is security.” 

There are other factors prompting top manage- 
ment to sit up and take notice of computer security. 
The U.S. government has legislated security laws in 
the banking and savings and loans industries, two key 
U.S. businesses. In 1983, the Comptroller of the Cur- 
rency and Administrator of National Banks passed a 
federal law that all national banks must have a disaster 
recovery plan in place. In 1986, the Federal Home 
Loan Bank Board declared the same stipulations for 
U.S. savings and loan institutions. 

“These are important, high-profile industries,”’ 
explains Nancy DeMatteo, vice-president of educa- 
tion at HSH, Inc., a Dublin, Ohio, computer security 
consulting firm. “(Security] is a big issue. The govern- 
ment has deemed it important enough to step in and 
take action. By doing so, it has declared computers 
critical not only to these businesses but also to the 
U.S. economy in general. It has caught the attention 
of MIS superiors.” 

At Irving Trust Co. in New York, the federal banking security law helped underline what Walter Hill, senior hardware planner for the bank, describes as an already major concern within the company.

“We’ve never had to hit management over the head about security,” Hill explains. “Our risk management group oversees information systems security and is always talking to senior management. What we have is a concerted security effort between the information systems group, internal auditors and the corporate risk management group.”

The selling job has paid off, but the flip side of extra security measures is a heavier work burden for MIS. In some cases, MIS seems to have taken a security tiger by the tail.

“It gets tougher every day,” Hill admits. “It’s a lot of work and planning, and that’s not all. We’re now using some of our smaller computers to develop disaster recovery plans for our foreign branches. We have to. It’s considered critical because our business is so international. Though our contingency plans are broadening, I’m still the only one who does it. With MIS staffs cut back, it gets even harder,” Hill says.

Joe Wholley, manager of MIS evaluations at Borg-Warner Corp., a Chicago-based conglomerate, describes his firm’s special security needs. Wholley says Borg-Warner is basically a series of autonomous operating divisions, and although two of the company’s divisions have opted to contract with outside consulting firms for help in computer security planning, other divisions and headquarters have handled much of the final formatting and installation of security plans themselves. There is a balancing act between corporate and divisional security objectives.

“Our plan had two parts,” Wholley explains. “MIS first tried to get all the logistics in from various divisions about numbers of equipment, kinds of personal computers and software applications and so on. Next, we got management [at the divisions] to identify the key users of these systems. To help, we sent them a seven-page questionnaire.

“Sitting down with the division managers and key users, we reviewed the [questionnaire] results and then started to understand how much interdependence there was among the various departmental groups and divisions, how much the recovery of these systems would involve and what the effects would be on these users to be without computer service.”

Next, Wholley had key users sit down and prioritize the following: how soon they would need a recovery service; what it would involve for them to do their work on a manual basis if necessary; and, if they opted for a stand-alone backup system on a microcomputer, what files were crucial to business and what applications would need to come up first should a disaster occur.

“These key users were the ones who ultimately derived what the outage and recovery periods would be,” Wholley explains. “Although the initial logistics involved a general fill-in-the-blanks approach, I had done data center reviews at every one of the divisions and knew their operations fairly well enough to tailor their security to some degree. In the end, use was highly individualized because each location had a different set of demands that were met. But it’s their responsibility to put their own plans in motion.”

Though much of the attention has centered on physical disasters such as floods, fires and computer crime, computer security is widening its scope. The spread of PCs as stand-alone devices, as parts of local-area and long-haul networks and as devices plugging into mainframes is causing security headaches for MIS.

“There’s one organization in the Chicago area that recently conducted a study to see how many PCs it had hanging around,” Coopers & Lybrand’s Perkins explains. “The firm discovered it had more money invested in PCs than it had in the data center.”

Perkins adds that the entire area of PC controls is of major concern right now. “You have the question of PC data security, the question of compatibility, standardization and so on, and I’m not sure that upper level management really understands this. It’s too abstract. It doesn’t seem as immediate and as real as disasters,” according to Perkins.

Cerberus Computer’s Finch agrees. “The hot security topic these days is the PC, largely because so many people are learning about PCs for the first time. Downloading [data] is a big concern, but it’s really not so much of a security problem as it is a matter of trust and personnel management.”

Finch adds: “I don’t think MIS is doing much of a job in educating its users on the security procedures and implications of PCs. I think the user departments are making more use of outside educational facilities. There are consulting groups now that teach security procedures all the way through the corporate pecking order. They are running security conferences on a continual basis.”

Bologna of Computer Protection also says he feels the end-user community is not getting adequate instruction from MIS on a variety of security concerns. These concerns range from passwords to the impact of PCs and departmental-level data bases to the reason for the various levels of access security.

“I guess the fault should lie with those people who know the most about it, that is, MIS,” Bologna explains. “But MIS is already under a lot of pressure. I also think there’s a feeling among MIS personnel that they are doers, not teachers. They’ll leave that to others.”

Companies such as HSH and Computer Protection Services have taken up much of the slack in educating users about corporate security procedures.

“A majority of companies will send employees to security conferences and seminars,” HSH’s DeMatteo explains. “What we try to provide [through education] are user methodologies for their own security plans. [This education is] not just for end users but for senior management as well. Security plans are more corporatewide now, not just focused on the data center.”

Some companies already have an inside educational resource: information centers.

“We use the information center to handle some of the security education when MIS is overburdened,” Irving Trust’s Hill explains. “We feel that the only way you know you have a workable plan is to go out and test it. And the only way you know that your people understand their responsibilities is to have an ongoing presence. That’s why we test all the time, get the people involved, and that’s the way we gain a confidence level that what we do would work in a disaster.”

Finch claims, however, that Irving Trust’s case is atypical. “Rarely are there enough skills in the client company to cover education,” Finch says. “Companies used to come in and do short, snappy [security] assignments, do a security review and often provide some instruction.”


Security tasks grow

The security task checklist continues to grow for MIS. Computer technology and increased business competition are putting more stress on communications and on-line transaction processing. With this emphasis comes a need for devices such as fault-tolerant systems.

“It’s not just the traditional companies such as brokerage firms, banks and airlines that need fault-tolerant systems,” explains Charles Caswell, president of Caswell Systems, Inc., a Hudson, Mass., developer of a disaster-tolerant computer technology. “More and more companies are beginning to put their computer operations on-line. They are beginning to move away from the batch environment into one in which on-line data is of equal importance or of even more importance than batch data.

“In this kind of environment you have to constantly maintain the integrity of the data files,” Caswell says. “The system has to be available and up all the time. As more people are saying, ‘We certainly need fault tolerance,’ they are also saying, ‘We also need some sort of disaster recovery plan.’ They are tending to see these two as separate entities. In reality, though, if they step back a bit and think about them as one entity, they can achieve both goals.”

According to Perkins, security consulting firms are fast becoming essential third-party players in dealings between MIS and disaster recovery firms.


Unique solutions

“There are a number of different philosophies on business continuity planning. There are numerous cookbook, fill-in-the-blanks contingency planning products on the market,” Perkins claims. “The fact is every organization has some things that are unique to it. Two firms in the same industry with the same hardware and software probably will not use identical solutions because of the business philosophies of the organizations.

“I feel consultants are more objective and can provide a more customized approach to computer security,” Perkins says. In addition, consultants can save customers money. He says that his group is often called in to go over client contingency plans and look for overlap and waste.

Finch is not so convinced. “There’s always a fundamental checklist of security things to cover first in any organization,” he says.

“Consultants always look at their competition in the business place as perhaps using more mundane techniques than they are. Any consultant, however, is going to tell you that they use unique techniques for unique problems.”

However, Perkins insists on the necessity of a neutral party who can come in and not get involved in the client’s inevitable political problems. “You go to an organization and ask a user if his application is critical. If you don’t do it in a structured and thought-out way, what [else will] users say but, ‘Of course I’m critical. If I’m not critical, why am I here?’ You have to be above the political pulls.”

Bologna says he agrees that most MIS can use outside help in security matters. “One of the problems MIS has to fight is the conception by upper management that MIS can do anything,” he says, “and that often applies to computer security as well. [Outside aid] can help, but you can’t just throw money at a security problem and expect everything to be cured. Most of it is still going to fall on the shoulders of MIS.”
Are you doing anything?

A Big Eight firm’s computer security survey results

BY TONI B. FISH


While managers realize the benefits of computers, it has been only recently that they have begun to recognize the flip side of computerization — the dangers associated with breaches in computer security.

For many years, information security was almost exclusively a concern of military-related organizations and the banking industry. Now, in many kinds of business, when senior executives evaluate the caliber of their organizations’ information systems, they see effective security as the popular new kid on the block.

This trend is evidenced by a computer security survey conducted in November 1986 by Ernst & Whinney, a Cleveland-based international management consulting, accounting and tax advisory firm (see story page 24 for survey methodology and respondent profile). The survey revealed that the maintenance and care of computer information are of vital concern to senior management.

Eighty-seven percent of the survey respondents indicated that their companies recognize the increasing importance of security issues (see chart this page). However, only 6% of the respondents said their organization’s safeguards against security risks are completely adequate. These results demonstrate that there is still a gap between security awareness and implementation.

This gap is not unique to security; often, when an organization’s senior management recognizes a new concept, middle management needs time to develop a structure or procedure to accommodate that idea.

Safe and sound: An Ernst & Whinney study reveals an increasing level of concern for security among MIS professionals

* 87% recognize security’s importance
* 75% are implementing security policies
* 62% see security risks rising
* 42% have security orientation for new employees
* Only 6% say security safeguards are adequate

Fish is codirector of Ernst & Whinney’s information security services practice in Cleveland.
For example, 62% of the respondents said they believe security risks are rising, and 75% are taking steps to implement security policies. Less than half, or 42%, of the organizations surveyed have information and computer security orientation programs for new employees. So, while awareness and concern about security issues are increasing, survey respondents recognize that the actual safeguards organizations implement are not meeting these concerns.

The survey identified other major security issues, including the following:

* Data protection from the competition and employees.

* Priority of data classification, network security, microcomputer security and contingency planning.

* Continuity of service.

* The impact of the National Security Decision Directive 145 (NSDD 145). NSDD 145 was signed by President Reagan in September 1985. The directive established national policy concerning the telecommunications and information systems security of government contractors.

The respondents identified their competition, employees and foreign governments as the primary groups from which they want to protect their organizations’ data. They also cited suppliers, customers and public interest groups.

Respondents from government and nongovernment organizations had differing opinions about which group was more important.
Business and industry identified their competitors as the most important group from which they must protect their data. Government organizations cited foreign governments as a top-priority threat. Protection of information from employees ranked second for both government and industry.

Historically, the security perspective grew from the audit perspective. That is, organizations considered internal, unauthorized access to critical information by employees as their major security threat. The emergence of competition as a computer security concern is a new trend. Reasons behind this trend include the increased computerization of strategic information and organizations’ recognition that this information and effective automation provide a competitive advantage.

Priority issues

Respondents identified data classification, network security, microcomputer security and contingency planning as the primary security issues currently facing government and nongovernment organizations. Given that data classification is required of many government agencies, it is not surprising that more government respondents than nongovernment respondents listed data classification as a priority issue. It is surprising to note, however, that this issue was not even mentioned by respondents in a similar Ernst & Whinney security survey last year.

Network security — last year’s top priority issue — was mentioned frequently by both nongovernment and government organizations. While the survey did not define it, network security usually includes protection of computer networks and computer applications from authorized and unauthorized users, message confidentiality and integrity and end-user authentication. End-user authentication will continue to be a focus of security efforts as the processing environment becomes more complex and as user identity grows more difficult to verify.

To meet the current and future demands of network security, the use of encryption will increase greatly, according to Ernst & Whinney. Increased networking will require new methods to ensure confidentiality and integrity based on encryption technologies for telecommunications, file storage and message authentication.

Both surveys targeted microcomputer security as a major issue. Although the surveys did not specifically define the term “microcomputer security,” a general interpretation includes microcomputer protection as property; applications protection from outside interference or contamination; and data protection, whether stored therein or on associated storage media, from modification, destruction and disclosure. Micro security also involves protecting an organization’s systems, applications and data from microcomputer failure, error, omissions and malicious acts by users.

Government organizations placed high priority on contingency planning and disaster recovery, which was also ranked as one of the top three security priorities in last year’s survey.

However, contingency planning is no longer merely a governmental concern; nongovernment organizations are also beginning to recognize the importance of formal planning for business continuity.

Survey respondent profile

Ernst & Whinney gathered information for its 1987 Computer Security Survey at the Computer Security Institute’s annual conference in Atlanta in November 1986. Approximately 1,000 three-page questionnaires were distributed at the conference with 562 returns.

Survey respondents represented 11 industry groups, with two-thirds coming from government (25%), manufacturing (18%), financial services (15%) and insurance (9%).

Most of the responding organizations are large and have large DP departments. Forty-seven percent have more than 600 employees in their DP departments. Twenty-one percent came from organizations with 201 to 600 DP employees; 21% have a staff of 51 to 200 employees; and 11% have less than 50 DP employees.

Fifty-eight percent of the respondents were actually employed in the security man-

Most respondents said service continuity is almost as important to their organizations as data integrity and more important than confidentiality. Because directives from the Office of Management and Budget require government organizations to implement contingency planning and data recovery schemes, the government results were expected. It is noteworthy, however, that business and industry placed so much emphasis on contingency planning.

When it comes to implementing contingency measures, most organizations consider the issue to fall under DP’s domain. In addition, many companies tend to put off contingency planning until tomorrow.

According to Ernst & Whinney, contingency planning is a business issue, not a data processing issue. It is an issue that organizations must address today, before service interruptions affect business in terms of lost time, business opportunities and revenue. As everyone relies more on complex systems and networks, contingency planning programs must ensure that organizations can continue daily operations without these systems.

The survey also asked about the effect that NSDD 145 is having on security activities in the public sector. NSDD 145 is apparently not meeting its intended objective of actively involving the National Security Agency and the National Computer Security Center in advising industry in security matters.

Only 6% of the nongovernment organizations said the directive has significantly affected their security activities, while 46% said NSDD 145 has not affected their organizations in any way. Also, even though government organizations are required to observe the directive, only 24% of the government respondents reported a significant impact on their organizations because of NSDD 145.

Ernst & Whinney findings indicate the rate at which industry accepts and implements information security and contingency plans depends heavily on the emergence of new standards for due care in security. These standards must be based on security policies that are more relevant to industry than those currently advocated by the National Center for Computer Security under NSDD 145. The standards-setting process must be a joint effort between industry and government, possibly under the auspices of an organization such as the Institute of Electrical and Electronics Engineers, Inc. or the American National Standards Institute.

Losses continue to result from security mishaps; 51% of the respondents reported financial losses within their companies because of security problems. Government and nongovernment organizations showed similar responses. Consistent with last year’s results, most respondents reported minor losses (less than $10,000 during the past two years) or no losses. However, 12% of the respondents reported losses of $50,000 to $500,000 during the past two years.

Financial losses are not the only losses at stake, however. Thirty-two percent of the firms surveyed reported nonfinancial losses. Unauthorized access to data by employees was reported as the leading cause of nonfinancial loss. Of the 24 respondents who cited unauthorized access as the leading nonfinancial security event, 19 cited employees as the perpetrators; only 5 respondents listed hackers as a concern. Survey results indicate that hackers are generally perceived to be an embarrassment or nuisance to security but not a serious threat.

agement functions of their organizations. These included information security managers (30%), security officers (14%) and security specialists (14%). The remainder of the respondents came from computer and DP functions, accounting positions and various management positions. — Toni B. Fish

Organizations are concerned about protecting both computer and noncomputer data. In a comparison of government and nongovernment organizations, 60% of the government organizations focused on protecting both types of information, but only 40% of the nongovernment organizations cited both.

Classified vs. public data

Whether protecting computer or noncomputer data, respondents indicated that their organizations handle various types of information ranging from public to government classified. The distribution of this information varies significantly between government and nongovernment organizations. While 31% of government organizations primarily handle “government-classified” data, only 4% of the nongovernment organizations handle government-classified data. Fifty-two percent of the data handled by nongovernment organizations is “company confidential or proprietary” information, but this type of data accounts for only 23% of the data handled by government organizations.

Computers have become an integral part of our society. In fact, they have become so important that when something interferes with their effective and intended use, segments of society may become handicapped.

Management is focusing on the need to provide for integrity and confidentiality of the information it uses to plan, control and provide products and services. Management also understands its responsibility to plan for the continuity of its services.

Once management recognizes the need for effective security, it must come up with proper solutions to ensure that organizations can maintain the confidentiality, integrity and continuity of their information systems services.


JUNE 3, 1987

SECURITY

EMPLOYEE CRIME

Insider crimes threaten corporate well-being

BY MARTIN NABUT
The whole notion of computer security has a quality of intrigue. It conjures up ideas of industrial espionage, no-holds-barred competition, laptop-toting terrorists and other felons playing fast and loose with sensitive information belonging to banks, corporations and government agencies.

But many executives say those ideas are more suited to spy novels than to reality. The fact is that despite the increase in personal computer-to-mainframe links, in spite of local-area networks (LAN) growing chaotically and opening new entry points to would-be data thieves, data base theft basically is, has been and probably will continue to be primarily an insider’s crime.

MIS directors, security managers and industry consultants agree that the breaking and entering aspect of data theft, though widely reported, is less the game of clever hackers than of disgruntled employees. As an MIS director at Morgan Stanley, Inc. in New York puts it, “It’s easier to corrupt a human than a security system.”

That executive, who asked not to be named, and others at major corporations, say that both hardware and software technological solutions are useful in preventing an outsider from getting into a data base, but an unhappy employee with access is the real problem.

For example, Hal Jackson, director of computing technology at AT&T Bell Laboratories, compares electronic data theft with the theft of confidential papers from a desk — both are easily accomplished by a dishonest employee wandering company corridors. “Security depends on the integrity of people,” Jackson says.

Nabut is a free-lance writer working in Morristown, N.J. Now retired, he previously was employed by AT&T for 20 years as a public relations specialist.

Unfortunately, there are no hard numbers on data thefts or on other electronic crimes because records are kept only for crimes that are prosecuted. While cases involving flamboyant outside hackers are widely reported, many inside thieves caught compromising a company’s system are quietly dismissed from their jobs without fanfare or legal action.

Why the corporate reluctance to publicize or prosecute? Jay BloomBecker, director of the National Center for Computer Crime Data in Los Angeles, says that employers often shy away from prosecution because they view it as an admission that their security system can be breached. Publicity in such cases could cause significant loss of business. BloomBecker also sees this trend as “perhaps a basic cynicism that the criminal justice system really works in cases of electronic crime.”

Thus, although 47 states now have laws against computer theft, only 75 cases have been prosecuted in the last eight years, and more than 80% of those prosecuted were insider jobs, according to the center’s statistics. BloomBecker claims the most common job classifications of data thieves are programmers, computer input clerks, bank tellers, insider-outsider combos and students. The latter group includes teenage hackers as well as college pranksters.

The ambiguity of computer crime statistics is also in evidence when trying to identify the victims of such misconduct. According to the National Center for Computer Crime Data, the most sinned-against faction is the commercial user, a group that includes nearly everyone. The No. 2 and No. 3 victims in this list are banks and telecommunications companies, respectively.
Banks are inevitable victims because, to quote Willie Sutton, the infamous bank robber, “That’s where the money is.” The data that bankers need may be spread over scores of computers in an international network.

Every morning hundreds of bank customers, mostly corporate treasurers, dial up their banks’ central data bases to check their companies’ cash flow and to authorize the transfer of funds between accounts. Each day, these systems handle instructions governing the flow of billions of dollars.

Allowing so many people to have access to a bank’s system increases the risk of a security breach, of course, but it saves the banks millions annually by reducing manpower requirements and saving time.

The question is, Can user-friendly reach a point at which it makes a system abuser-friendly? Banks are not the only organizations wrestling with the conflict between security and the free exchange of information. Bell Laboratories, for example, has long been an advocate of the free exchange of information. However, according to Jackson, “Free exchange of information is sometimes at cross-purposes with security considerations, so we have to come up with reasonable compromises. [We’re] often confronted with having to make a trade-off between security and efficiency for system users.”


Integrity at stake

“There really aren’t any remedies for disgruntled employees compromising security,” Jackson says. “It comes down to the integrity of people.”

In Bell Labs’s case, security education begins at home. Jackson’s division combines the MIS functions of technology and security to manage a corporatewide program that involves employees in activities such as watching videotapes to raise employee consciousness about safeguards, a security board game and cartoon-titling contests.

Although the threat of insider data theft is a grave concern, AT&T, for one, sees opportunity in the situation. A consultant version of an internal AT&T program is now on the market and, according to the firm, has had a very encouraging response from both large and small companies.

The program can range from full-blown consultation, including diagnosis of a firm’s security needs and development of tools, to labels for floppy disks to seminars for staff members. A 20-minute employee training videotape called “It’s Your Move” is part of the program or can be bought separately from AT&T for $195.

The tape features James Olson, AT&T’s chairman, stressing the need for computer security. As an alternative, users can edit Olson out and put in their own chief executive officer.

Mary Tiffany, AT&T marketing manager for the program, admits, “It’s not a quick fix. You can’t vaccinate your employees with some security-awareness serum and expect a cure.”


Don’t forget outsiders

Because computer crime statistics list telecommunications as the second most victimized industry, it is not surprising that AT&T is involved in a security-awareness program. Companies such as AT&T must not only concentrate on insider theft but must also remain vigilant concerning outsider misconduct.

In general, telecommunications organizations are vigorous in prosecuting data thieves. These companies should be; telephone links are the common entry points for outsiders bent on theft or mischief (simple or malicious). In fact, existing technological fixes are aimed at denying this entry point to the would-be data thief.

The most sensitive spot in the telephone link between a personal computer and a mainframe is the modem. Hackers have found ways of rummaging around in telephone networks, listening for the characteristic signal indicating a modem, then, by trial-and-error deduction, finding the number of digits needed to access the line.

This modus operandi was witnessed in the well-publicized 414 Gang incident, which occurred a few years ago and involved a group of Milwaukee teenage hackers, living in the 414 area code, who gained entry to mainframes at the Los Alamos National Laboratory in Los Alamos, N.M., and access to New York-based Memorial Sloan-Kettering Cancer Research Institute. They accessed these sites using a GTE Telenet Communications Corp. Telenet network.


Thwarting such incidents 
To thwart this type of crime, Mi- 
tel Corp., a telecommunications 
OEM, is now marketing a call- 
back system, the Security Ac- 
cess Controller, that masks a 
modem so that a hacker poking 
around in a network does not 
know he is on a data line. A PC 
user reaching a modem enters 
his password and the Security 
Access Controller cuts the con- 
nection and calls him back on an 
authorized line. Mitel offers 
three levels of security, each 
putting more intricate authoriza- 
tion requirements on data base 
access. 

How secure is the callback 
system? 

Mitel’s director of telecom- 
munications planning, Bill Kirk- 
patrick, says there is a method 
for defeating any callback sys- 
tem. However, a criminal using 
tricks would require in-depth 
knowledge of central office oper- 
ations and had better be pre- 
pared to spend weekends on the 
road. 

According to Kirkpatrick, to
overcome the callback system,
one must know several discrete
pieces of information about cen-
tral office operations and know
how to apply them in a particular
order.

The thief would also need ac- 
cess to central office test equip- 
ment. 

An obstacle still remains: The 
culprit cannot gain access from 
one spot; he would have to travel 
to both ends of the connection. 

Kirkpatrick explains: “Hack-
ers are computer oriented; they 
just don’t know enough about 
central office systems.” 

Apparently subscribing to the 
notion that it takes a hacker to 
beat a hacker, Mitel employs 
what Kirkpatrick describes as 
“industrial hackers” — a group 
of highly skilled computer tech- 
nicians, with a full bag of tricks, 
whose job it is to try to crack the 
system. 

So far, no one has breached 
Mitel’s system, according to 
Kirkpatrick. 
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In addition to the use of the 
Security Access Controller on its 
own network, Mitel stresses se- 
curity awareness to its employ- 
ees and customers. This empha- 
sis includes frequent changes of 
passwords and encouraging 
complex passwords that hackers 
cannot easily guess. 
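The dial-back exchange described above, written out as an added example (not Mitel's code, and not a description of how the Security Access Controller is built internally): the caller authenticates, the controller hangs up and then originates a call to the number stored for that user, never to a number the caller supplied. The subscriber directory, the three-strike lockout and the per-user list of databases are assumptions standing in for the product's three levels of authorization.

```python
"""Dial-back access control of the kind the Security Access Controller provides.

Added example, not Mitel's code.  Assumed: a subscriber directory keyed by
user name, a lockout after three bad passwords, and a per-user list of
databases standing in for the product's 'levels' of authorization.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass


def hash_password(password: str, salt: bytes) -> bytes:
    # Salted, iterated hash; the page does not say how the product stores passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Subscriber:
    salt: bytes
    pw_hash: bytes
    callback_number: str     # the ONLY number the controller will ever dial for this user
    databases: frozenset     # which databases/hosts this user may be connected to
    failures: int = 0


class CallbackController:
    MAX_FAILURES = 3         # assumed lockout threshold

    def __init__(self):
        self.directory = {}  # user -> Subscriber
        self.log = []        # audit trail, one line per decision

    def enroll(self, user, password, callback_number, databases):
        salt = os.urandom(16)
        self.directory[user] = Subscriber(
            salt, hash_password(password, salt), callback_number, frozenset(databases))

    def answer(self) -> bytes:
        # 'Masking': answer with no banner and no data-line greeting, so a
        # war-dialer listening for a modem's characteristic response hears nothing.
        return b""

    def dial_in(self, user, password, claimed_number, database):
        """Handle one inbound call.  Returns the number that will be dialed
        back, or None if the call is simply dropped.  `claimed_number` is
        whatever the caller typed; it is logged but never dialed."""
        sub = self.directory.get(user)
        if sub is None or sub.failures >= self.MAX_FAILURES:
            self.log.append(f"REJECT user={user!r} reason=unknown-or-locked claimed={claimed_number}")
            return None
        if not hmac.compare_digest(hash_password(password, sub.salt), sub.pw_hash):
            sub.failures += 1
            self.log.append(f"REJECT user={user!r} reason=bad-password claimed={claimed_number}")
            return None
        if database not in sub.databases:
            self.log.append(f"REJECT user={user!r} reason=not-authorized db={database}")
            return None
        sub.failures = 0
        # Hang up on the inbound call and originate a new one to the stored number.
        self.log.append(f"HANGUP; CALLBACK user={user!r} number={sub.callback_number} db={database}")
        return sub.callback_number
```

The check a practitioner wants is the second scenario in the test below: a stolen password dialed in from some other line still produces a call to the registered number, so the thief gains nothing; the audit log is what the security officer reviews afterwards.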

AT&T’s Datakit offers anoth- 
er kind of technological fix. Data- 
kit has features that let MIS re- 
strict mainframe access to a 
limited number of nodes on a 
network. 

Another technological an- 
swer to insider and outsider se- 
curity breaches is encryption. 
Starting in 1988, an encryption
method standardized by the Na-
tional Bureau of Standards will
be mandatory for banks dealing with the
U.S. Department of the Trea- 
sury. Dennis Branstad, one of 
the encryption method’s inven- 
tors, says the system guarantees 
that a message has not been tam- 
pered with and that only the 
rightful recipient receives it. 


Determined data thieves 
However, a former official of 
Bankers Trust Co. in New York 
says that government regula- 
tion, rather than confidence in 
the efficiency of encryption, is 
the motivation for using the new 
encryption method. “A deter- 
mined data thief can always find 
those points in a computer net in 
which the data is in clear text, 
without encryption,” according 
to the official. 
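An added illustration of the two guarantees Branstad describes, and of the official's caveat: once `open` returns, the data is clear text on the receiving host, which is exactly the kind of point a determined thief looks for. This is not the NBS scheme itself: HMAC-SHA256 from Python's standard library stands in for the DES-based authentication, the counter-mode keystream is an illustrative stand-in for a block cipher, and the bank names and sequence numbers are made up.

```python
"""An authenticated, encrypted envelope with the two properties Branstad names:
the receiver can tell the message was not altered, and that it was meant for him.

Added example, not the NBS/Treasury scheme itself: HMAC-SHA256 stands in for
the DES-based authentication, the keystream below is an illustrative stand-in
for a block cipher, and the bank names and sequence numbers are made up.
"""
import hashlib
import hmac
import struct

HDR = struct.Struct(">8s8sQ")   # sender, recipient (8-char ASCII, space padded), sequence no.
TAG_LEN = 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter mode over SHA-256: stand-in for DES/AES-CTR.  Never reuse (key, nonce).
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + struct.pack(">Q", counter)).digest()
        counter += 1
    return bytes(out[:length])


def seal(enc_key, mac_key, sender, recipient, seq, plaintext):
    """Encrypt-then-MAC.  The MAC covers the header too, so the recipient
    field and sequence number cannot be altered without detection."""
    if len(sender) > 8 or len(recipient) > 8:
        raise ValueError("names are limited to 8 characters")
    header = HDR.pack(sender.ljust(8).encode(), recipient.ljust(8).encode(), seq)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, header, len(plaintext))))
    tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    return header + body + tag


class Receiver:
    def __init__(self, name, enc_key, mac_key):
        self.name, self.enc_key, self.mac_key = name, enc_key, mac_key
        self.last_seq = 0    # highest sequence number accepted so far

    def open(self, message):
        """Return (sender, plaintext) or raise ValueError with the reason."""
        if len(message) < HDR.size + TAG_LEN:
            raise ValueError("truncated")
        header, body, tag = message[:HDR.size], message[HDR.size:-TAG_LEN], message[-TAG_LEN:]
        expected = hmac.new(self.mac_key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):       # verify before trusting any field
            raise ValueError("tampered or wrong key")
        sender, recipient, seq = HDR.unpack(header)
        if recipient.decode().strip() != self.name:
            raise ValueError("not addressed to me")
        if seq <= self.last_seq:
            raise ValueError("replayed")
        self.last_seq = seq
        # From here on the data is clear text on this host: the point the
        # Bankers Trust official makes about where a thief looks.
        plaintext = bytes(a ^ b for a, b in zip(body, _keystream(self.enc_key, header, len(body))))
        return sender.decode().strip(), plaintext


def try_open(receiver, message):
    """Convenience wrapper: ('accepted', sender, plaintext) or ('rejected', reason)."""
    try:
        sender, plaintext = receiver.open(message)
        return ("accepted", sender, plaintext)
    except ValueError as err:
        return ("rejected", str(err))
```

The order of checks matters: the tag is verified before any header field is read, so a forged recipient or sequence number is never acted upon, and the sequence counter is only advanced for a message that passed every check.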

Are there, then, technologi- 
cal solutions that guarantee per- 
fect security? Possibly, but they 
won’t come easy or cheap, ac- 
cording to Les Earnest, asso- 
ciate chairman of computer sci- 
ence at Stanford University in 
Stanford, Calif. In addition, de- 
velopments in computer sys- 
tems give birth to new classes of 
problems. 

Earnest points to LANs as an 
example. Stanford has 60 inter- 
connected Ethernet LANs for its 
campus system so that “any 
workstation can listen to a lot of 
people on the net.” While the 
network’s size and connectivity 
are impressive, there are draw- 
backs to a large net. As the net- 
work grows, there are more and 
more opportunities for hackers 
to gain access to unauthorized 
data bases in the system. 
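As an added example (not Stanford's network or software) of what "any workstation can listen" means on a shared-medium Ethernet: every frame reaches every interface on the segment, and only the address filter inside each interface decides what its host gets to see. A station in promiscuous mode simply turns that filter off. The wire here is a Python list; the addresses and the terminal login are constructed.

```python
"""Why 'any workstation can listen to a lot of people on the net'.

Added example: the 'wire' is a Python list, the MAC addresses and the
terminal session are constructed, and the credential harvester shows what a
listener can recover from a cleartext login.
"""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    dst: str
    src: str
    payload: bytes


class Station:
    def __init__(self, mac, promiscuous=False):
        self.mac = mac
        self.promiscuous = promiscuous
        self.received = []

    def on_wire(self, frame):
        # The interface's address filter: keep frames for me or for everyone.
        # Promiscuous mode bypasses it and hands every frame to the host.
        if self.promiscuous or frame.dst in (self.mac, BROADCAST):
            self.received.append(frame)


def transmit(wire, frame):
    """A shared segment: the frame is seen by every station attached to it."""
    for station in wire:
        station.on_wire(frame)


def harvest_credentials(frames):
    """Pair each server prompt with the next line the client sends on the
    same conversation; returns {(client, server): {'login': .., 'password': ..}}."""
    pending = {}    # (client, server) -> field the server just asked for
    found = {}
    for f in frames:
        text = f.payload.decode("ascii", "replace").rstrip()
        if text.endswith("login:"):
            pending[(f.dst, f.src)] = "login"
        elif text.endswith("Password:"):
            pending[(f.dst, f.src)] = "password"
        elif (f.src, f.dst) in pending:
            field = pending.pop((f.src, f.dst))
            found.setdefault((f.src, f.dst), {})[field] = text.strip()
    return found


def demo_segment():
    """Replay a cleartext terminal login past a normal and a listening station."""
    client, server = "02:00:00:00:00:01", "02:00:00:00:00:02"
    bystander = Station("02:00:00:00:00:03")                 # normal address filter
    listener = Station("02:00:00:00:00:04", promiscuous=True)
    wire = [Station(client), Station(server), bystander, listener]
    for dst, src, payload in [
        (client, server, b"login: "),
        (server, client, b"jdoe\r\n"),
        (client, server, b"Password: "),
        (server, client, b"Tr0ub4dor\r\n"),
    ]:
        transmit(wire, Frame(dst, src, payload))
    return bystander, listener
```

Nothing on the wire stops the listener. The only defenses are not putting the password on the wire in clear, or a medium that does not deliver every frame to every station.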

In fact, gaining what others 
might call unauthorized entry to 
the net seems to be an academic 
challenge for students and ac- 
cepted by the faculty. Earnest 
explains that there are break-ins 
to the Stanford system almost 
daily, ‘but it doesn’t enormously 
upset us,” he says, unless there 
is malice involved. If someone at- 
tempted to destroy data, Ear- 
nest says, “we would go after 


War Games to the rescue 

BloomBecker of the National 
Center for Computer Crime 
Data sees a kind of oddly positive
force in hacker publicity. He says
the movie War Games and the 
arrest of the 414 Gang were 
probably the major forces lead- 
ing to the computer crime laws 
now in effect in all but two 
states. 

“Computer security profes- 
sionals have been trying to get 
the public’s attention for two de- 
cades, but it seems to have taken 
the kids to drive the message 
home,” BloomBecker says. 

However, despite the state 
legislation and the Computer 
Privacy Act recently passed by 
Congress, BloomBecker says
that computer crime is increas- 
ing and becoming more expen- 
sive. 


The cost of crime 

Malicious tampering with com- 
puter systems and data costs the 
owners of these systems an av- 
erage of $93,600 per incident. 
Thefts of programs or data cost 
an average of $55,166 each. 
Outright criminal theft nets the 
criminal an average of $10,517, 
according to the National Center
for Computer Crime Data.

There are, of course, the rare 
examples of extravagant crime. 
Stanley Mark Rifkin, a former 
consultant, made an illegal elec- 
tronic transfer of more than $10 
million from the Security Pacific 
National Bank in Los Angeles to 
his Swiss bank account. Knowing 
the bank procedures, Rifkin got 
past a security guard by flashing 
an outdated pass and found the 
day’s security code for wire 
transfers of funds posted on a 
wall. 

The majority of computer 
crime, however, is what Bloom- 
Becker calls ‘‘data diddling,” and 
there are many, everyday varia- 
tions, including the following: 

• A department store sales
clerk changes delivery addresses
for a shipment of goods, divert-
ing it to accomplices.

• A programmer at a savings
and loan company transfers
$5,000 into his personal account
and makes phony debit and cred-
it entries to cover it up.

• A county district attorney
in Colorado tries to delete a pair
of speeding tickets from the mo-
tor vehicle bureau’s computer
system.

To fend off both the malicious 
computer systems hacker and 
the employee with the chip on 
his shoulder, the computer in- 
dustry must foster a kind of com- 
puter morality. 

In a report by the National 
Center for Computer Crime Data
called “Computer Crime, Com- 
puter Security, Computer Eth- 
ics,” BloomBecker calls for the 
development of a “mainstream 
computer ethic” to fight com- 
puter crime. 

Without additional efforts to 
shore up computer security and 
develop computer ethics train- 
ing, BloomBecker says, ‘‘com- 
puter crime will continue to be a 
growth industry.” By 
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Disaster recovery is a big
business as well as big money
these days. In fact, International
Resource Development, Inc. of
Norwalk, Conn., projects a
combined U.S. data center/disaster
recovery market worth $510 million
for this year.

The number of MIS person- 
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nel concerned with disaster re- 
covery planning has taken off. In 
five years, the Delaware Valley 
Disaster Recovery Information 
Exchange Group has grown from 
a regional constituency based in 
the southern New Jersey/Phila-
delphia area to a national forum 
of nearly 600 corporate mem- 
bers. 

Former Delaware Valley 
group members have even un- 
dertaken some missionary work, 
establishing associations in other 
parts of the country. 

On the West Coast, the Asso-
ciation of Contingency Planners
is becoming a vocal sounding 
board for disaster recovery plan- 
ning. Other associations are get- 
ting under way across the U.S., 
offering telephone numbers to 
call for answers to disaster ques- 
tions from MIS. Some new mem- 
bers are proselytized, others 
come out of curiosity, still others 
are pointed in the right disaster 
planning direction by senior 
management. The fact is, disas- 
ter recovery has become a big 
bandwagon, and a lot of MIS are 
jumping on. 
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The disaster business 


“The whole focus on disaster 
recovery has changed,” accord- 
ing to Jack Bannon, manager of 
information security at Cherry 
Hill, N.J.-based RCA 
Corp. and president 
and cofounder of the 
Delaware Valley Di- 
saster Recovery 
group. “In the old 
days, disaster recovery was just 
a plan drawn up to appease the 
auditors. Now, it’s serious busi- 
ness.”

[Photo credits (partly illegible): Patricia Gaudette, Geoff O'Conn.
Caption: Boston-based Fidelity Investments’ disaster recovery plan, page 28.]

No wonder. The financial fall-
out in the aftermath of disasters
is grave indeed. Companies deal-
ing in disaster planning are quick 
to dole out a litany of statistics 
that point to the dire conse- 
quences of not planning for di- 
saster. 

One disaster planning firm, 
for instance, pegged the cost of 
an “unscheduled” interruption 
of central DP services for a typi- 
cal large insurance company at 
$275,000 a day and for a typical 
major airline at a catastrophic 
$20,000 a minute. 

Wayne, Pa.-based Sunguard 
Recovery Services, Inc., a major 
player in the disaster recovery 
market, claims that a large bank 
would be out of business in one 
or possibly two days without the 
use of a DP center. A distribution 
company would last just more 
than three days; a large manu- 
facturer perhaps five days; and 
an insurance company could lin- 
ger as long as six days. 

The statistics all carry the
same message: Computer disas-
ter equals financial chaos. If the
message is a scare tactic, then a
lot of firms are watching their
steps.

“What galvanized us toward 
recovery planning was a fire in a
hotel beside our data center,” 
explains Connie Brock, a vice- 
president and data security offi- 
cer at Norwest Technical Ser- 
vices, Inc., headquartered in 
Minneapolis. “It didn’t do any 
real damage, but it made us see 
how vulnerable we were.” 

Robert Lucey, president of 
Putnam Investors Services, Inc., 
a Boston-based broker of mutual 
funds and a company that suf- 
fered through a fire last Decem- 
ber, explains that although the 
company’s disaster recovery hot 
site plan worked well, Putnam 
Investors is still contracting to 
add extra communications lines
and update its entire system of
backup procedures.

“We’ve added a backup gen-
erator and battery packs,” Lu-
cey explains. “We’re taking a
hard look at all procedures, mak- 
ing sure we’re current. There 
wasn’t extensive damage done 
to the building, but we still lost 
power for a week. That fright- 
ened us.” 

Some companies simply have 
too much responsibility to their 
clients to ignore disaster plan- 
ning. 

New York’s Depository Trust 
Co., for example, has more than 
$2 trillion worth of securities in 
its vaults, probably making it the 
world’s largest custodian of cor- 
porate stocks and municipal 
bonds. 

Depository Trust is a cooper- 
ative venture of 600 securities 
firms and has, for all intents and 
purposes, done away with paper 
trading, instead giving its mem- 
bers a computerized book entry 
system. The actual security doc- 
uments remain in Depository 
Trust’s vaults. Understandably, 
the company’s data security and 
backup plans read like the securi- 
ty measures for Fort Knox. 

Ironically, given their air of 
conservatism, banks and other 
financial institutions have be- 
come sort of shock troops in di- 
saster recovery planning. In a 
large way, however, their lead- 
ing-edge role has been mandated 
by the government, which has 
legislated rules directing all na- 
tional banks and savings and loan 
institutions to put disaster re- 
covery plans in place. 

The wheels of this mandate 
were put in motion a decade ago 
when the government issued its 
Foreign Corrupt Practices Act 
(FCPA), a rather misleadingly 
named piece of legislation that 
enjoins all U.S. companies to es- 
tablish accounting controls as a 
legal necessity. Part of this 
thrust in corporate accountabil- 
ity was the required protection 
of corporate assets, which, dur- 
ing the years, have been increas- 
ingly channeled into computer 
data bases. 

“The FCPA provided the first 
framework for data center disas- 
ter recovery plans,” explains 
Dianne C. Smith, president of 
the Long Beach, Calif.-based As- 
sociation of Contingency Plan- 
ners. “Anyone that has any gov-
ernment contracts, is mandated 
or regulated in any way or han- 
dles securities has to have a di- 
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saster recovery plan in place. 
And that just about includes ev- 
erybody now.” 

As the disaster recovery busi- 
ness matures, so do the options. 
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Hot sites have a computer and 
space available for an organiza- 
tion. Cold sites only reserve a 
space, or shell; if disaster 
strikes, a company has to pro-
vide its own hardware. Mobile
data centers bring everything to 
firms. 

Stationary hot sites can cost 
hundreds of thousands of dollars 
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Fidelity invests in leased hot site 
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When it comes to planning for emergencies, 
Fidelity Investments takes no chances. 

The company’s Boston headquarters 
houses most of its computers. The building’s 
computer rooms have an array of weapons 
to combat disaster: Halon fire-retarding sys- 
tems, water detectors under the floors, ac- 
cess controls at every internal as well as ex- 
ternal door and enough power from 
generators to run the computers indefinitely 
in the event of a power failure. 

“Part of disaster recovery is planning to 
avoid disasters in the first place,” explains 
Liz Foote, director of systems management 
for Fidelity, the country’s second-largest 
purveyor of mutual funds. 

If anything does go wrong, though, Fi- 
delity is ready. The managers and staff would 
pick their tapes up from the previous 
night’s backup, which is stored off-site, and 
fly to a leased hot site in Philadelphia. 

Since June 1983, Fidelity has contracted 
with Sunguard Recovery Services, Inc., a 
Wayne, Pa., firm that provides hot sites and 
disaster recovery consulting services. “We’d
go into the Sunguard facility and restore 
the operating system and some necessary 
software. Then we'd start restoring appli- 
cations that are data specific to a particular 
business entity,” Foote says. Critical oper-
ations, like Fidelity’s discount brokerage and 
mutual funds services, would be booted up 
first, followed by less time-dependent finan- 
cial programs and internal services. 

Fidelity is an IBM mainframe shop that 
has two 3090 Model 400s and two 3090 
Model 200s running all the time. The facili- 
ties at Sunguard match headquarters’s close- 
ly enough to make Fidelity comfortable 
with its alternate site. “There are some 
things we can’t process at Sunguard be- 
cause the site is not as big as we are, but 
there are also things we wouldn’t have to 
process if we were in disaster recovery mode 
[such as] lots of reports. We’d shed those 
noncritical operations,” Foote says. 
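An added example of building the bring-up sequence Foote describes: operating system first, then the critical applications, each only after what it depends on, with the less time-dependent work shed because the hot site is smaller than home. It is not Fidelity's or Sunguard's procedure; the application names, tiers, dependencies, capacity units and the capacity figures in the sample are assumptions.

```python
"""Building the bring-up sequence for a hot-site test like the one described:
the operating system first, then the critical applications, each only after
what it depends on, and noncritical work shed when the alternate site is
smaller than home.

Added example, not Fidelity's or Sunguard's procedure.  The application
names, tiers, dependencies, capacity units and capacity figures are assumptions.
"""
from collections import defaultdict


class PlanError(Exception):
    pass


def restore_plan(apps, capacity):
    """apps: {name: {"tier": int, "needs": [names], "load": float}};
    tier 0 is most critical.  Returns (bring_up_order, shed)."""
    for name, app in apps.items():
        for dep in app["needs"]:
            if dep not in apps:
                raise PlanError(f"{name} depends on unlisted component {dep}")

    # A component inherits the criticality of the most critical thing that
    # needs it: a tier-3 database that the brokerage system sits on is tier 1.
    eff = {name: app["tier"] for name, app in apps.items()}
    changed = True
    while changed:
        changed = False
        for name, app in apps.items():
            for dep in app["needs"]:
                if eff[dep] > eff[name]:
                    eff[dep] = eff[name]
                    changed = True

    # Topological order (Kahn), choosing the most critical ready item each time.
    indeg = {name: len(app["needs"]) for name, app in apps.items()}
    dependents = defaultdict(list)
    for name, app in apps.items():
        for dep in app["needs"]:
            dependents[dep].append(name)

    ready = [name for name, d in indeg.items() if d == 0]
    order, shed, down, used = [], [], set(), 0.0
    while ready:
        ready.sort(key=lambda n: (eff[n], n))
        name = ready.pop(0)
        if any(dep in down for dep in apps[name]["needs"]):
            shed.append(name); down.add(name)          # a prerequisite was shed
        elif used + apps[name]["load"] <= capacity:
            order.append(name); used += apps[name]["load"]
        else:
            shed.append(name); down.add(name)          # no room at the hot site
        for dep_name in dependents[name]:
            indeg[dep_name] -= 1
            if indeg[dep_name] == 0:
                ready.append(dep_name)

    if len(order) + len(shed) != len(apps):
        stuck = [n for n, d in indeg.items() if d > 0]
        raise PlanError("dependency cycle among: " + ", ".join(sorted(stuck)))
    return order, shed


# Constructed sample: an MVS shop with two trading applications on CICS/DB2.
SAMPLE_APPS = {
    "MVS":        {"tier": 0, "needs": [],                "load": 10},
    "VTAM":       {"tier": 0, "needs": ["MVS"],           "load": 5},
    "DB2":        {"tier": 3, "needs": ["MVS"],           "load": 20},
    "CICS":       {"tier": 1, "needs": ["MVS", "VTAM"],   "load": 15},
    "BROKERAGE":  {"tier": 1, "needs": ["CICS", "DB2"],   "load": 25},
    "MUTUALFUND": {"tier": 1, "needs": ["CICS", "DB2"],   "load": 25},
    "GL":         {"tier": 2, "needs": ["DB2"],           "load": 10},
    "REPORTS":    {"tier": 3, "needs": ["DB2", "GL"],     "load": 30},
    "EMAIL":      {"tier": 3, "needs": ["VTAM"],          "load": 8},
}
```

Two things the plan catches that a hand-written list tends to miss: a database nobody labelled critical is brought up early because critical applications sit on it, and when a prerequisite is shed everything above it is shed too rather than started against a missing dependency.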

Since 1983, Fidelity’s MIS department 
has conducted on-site testing at Sunguard. 
Four weekends a year, representatives 
from each department in MIS, making up a 
group of 10 to 30 people, go to Philadelphia 
and restore operations from backup tapes. 
Aided by colleagues in Fidelity’s Dallas, Salt
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Lake City and Boston offices, MIS begins
processing transactions dialed in from of-
fices around the country, simulating as close-
ly as possible a normal business day.


Jordan is a free-lance writer and technical editor who
lives in the Boston area.

It is up to the team at the hot site to 
make this activity as transparent as possible 
to dial-in users. Confirmation of success 
comes in the form of overnight report pro- 
cessing, which tracks all the transactions 
made that day and checks that they were all 
handled accurately and completely. Accord- 
ing to Foote, “It’s basically just like running a 
mini-Fidelity in Philadelphia for a couple of 
days,” except that all the computers, disks, 
tape drives, modems, phone lines and ter- 
minals are rented and may be used by a com- 
pletely different firm the next day. 

Testing has grown more and more com- 
plex during the years as a greater percent- 
age of the firm’s normal applications are 
brought on-line during the false emergency. 

It probably didn’t hurt the plan’s credi- 
bility that in March 1983, the same month 
Foote presented the plan to senior manage- 
ment, Fidelity had a long blackout and then a 
fire next to the computer room. Her plan 
was approved, and the first test at Sunguard 
took place in June of that year. 

Fidelity looks at expenses for recovery 
planning as an investment for the future. 

As Foote explains: “In a company like 
Fidelity, which has its soul tied to DP, a large 
amount of the money we make in a day de- 
pends on DP. We immediately start losing 
revenue if that support is not available.” 

The advantages of a rented hot site over 
a reciprocal agreement or casual plan include 
compatible equipment, the availability of 
equipment any time it is needed and, most 
importantly, the ability to test the system 
before it is needed, Foote says. And what are 
the advantages for Fidelity of a rented hot 
site like Sunguard’s over maintaining its own 
permanent site? “The cost of maintaining a 
site exclusively for our own use is astronomi- 
cal,” she maintains. 

In the future, Fidelity plans to build up 
its Dallas facility to the point at which it can 
handle many of the critical disaster opera- 
tions now planned for Sunguard. When the 
Dallas facility is ready to handle critical op- 
erations, the less crucial operations will be 
moved to Sunguard during a disaster. 

Fidelity has no plans to give up its rented 
hot site. Until Fidelity has “multiple comput- 
er centers with excess capacity, which 
won’t happen any time soon,” Foote says, 
she’s going to stick with a good thing. 
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to reserve each year, though the 
average cost is less than 
$200,000. That price is still 
enough to stop all but the largest 
corporations with the biggest 
computer arsenals from keeping 
both space and machines on per- 
petual hold. 

It’s expensive insurance, but 
the benefit is peace of mind. 
Should calamity come calling, a 
corporation can gather critical 
staff and tapes and beat it to a 
waiting computer facility where 
the company’s DP facilities can 
be up and running again in a mat- 
ter of hours. 

This situation, in fact, is ex- 
actly what occurred in Montreal 
last October when a fire ripped
through the headquarters of
Steinberg, Inc., a Canadian re- 
tailer (see story page 30). 

Though the fire happened in 
the early hours on a weekend, 
key Steinberg MIS personnel 
were quickly rounded up and 
flown to a waiting Comdisco Di- 
saster Recovery Services, Inc. 
hot site facility in Carlstadt, N.J., 
while the company’s important 
financial tapes were trucked 
across the border. 

In hours, Steinberg had its 
important applications up and 
running, and it was business as 
usual. This example is as pure a
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drama and good endorsement for
the efficacy of disaster recovery 
planning as any screen writer 
could conceive. 

The fact that the Steinberg 
case involved a billion-dollar
company, extensive damage and 
the commodity of plenty of press 
attention (Steinberg, in fact, has 
been unusually open with the 
media about the disaster and its 
aftermath) has made the incident 
a cause celebre with disaster re- 
covery firms. For years, the in- 
dustry could only point to minor 
incidents or reams of impersonal 
statistics. Now they had the 
smoking gun. 

Cold sites, or shells, are not as 
costly as hot sites, but a major 
drawback is the possible unavail- 
ability of equipment when it is 
desperately needed. Even the 
closest and most secure of client- 
vendor relationships will proba- 
bly not get computers delivered 
within 24 hours of a crisis. The 
average lag is usually 24 to 48 
hours or more. 

“For too many businesses 
even that short a time would be a 
nightmare,” says Rick Effgen, 
president of Chi/Cor Information 
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Management, Inc., a consulting 
firm in Chicago. 

Five years ago, this time lag 
might not have been too long. 
These days, however, nearly all 
critical applications are real-time 
and on-line; batch processing has 
been on a downslide for a decade. 
Where batch is still used is pri- 
marily in applications not imme- 
diately critical to companies. 
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A number of companies have 
even assembled moveable hot 
sites and taken them on the road. 
These mobile trailer units can 
motor to a disaster site, set up 
shop in the corporate parking 
lot, plug into existing communi- 
cations lines and offer a kind of 
itinerant processing. 

As part of its Compuguard di- 
saster recovery service, for ex-
ample, Compusource’s Provi-
dent Recovery Systems mobile 
unit is composed of several trail- 
ers that can be strung together 
like a Lego set to form 2,000 
square feet of computer space 
housing a full IBM 4300 system 
and a complement of peripher- 
als. 

Cary, N.C.-based Compu- 
source claims the mobile units
can be set up at a disaster site in
a few days. 

“The ability to relocate back 
to the customer’s original site, 
the assured access to a main- 
frame configuration and the use 
of a customer’s existing telecom- 
munications network are the 
real benefits [of this service],” 
according to Compusource Pres- 
ident Wayne Edge. 


Computer pirates are never easy to spot, 
but Gould makes them easy to stop. 


Most computer systems are de- 
signed to be friendly and easy to 
use. Problem is, that makes things 
just as easy for computer pirates 
and other unauthorized intruders 
as it does for legitimate users. 


But Gould has developed a 
solution for that problem. A 
complete operating system that 
eliminates unauthorized access 
without interfering with day-to- 
day operations. In addition, all 
who try to access information 
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without the necessary authori- 
zation will generate an audit 
trail that makes them easy to 
track down. 


The operating system? UTX/32S™ 
Based on our proven UTX/32® 
operating system, it’s the only 
secure version of UNIX® that has 
been formally evaluated and 
rated at the C2 level as defined by 
the National Computer Security 
Center. And we're currently work- 
ing on a B security level.


Naturally, your C2 operating 
system can be easily upgraded 
when needed. 


Let Gould put the lock on your 
confidential files with UTX/32S. 
Write or call for information. 
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Today, everything is linked. Communi- 
cations backup has now become a major 
component in disaster recovery planning. 

“Divestiture has thrown the onus of 
telecommunications back onto client 
companies,” says Ron Bosco, president of
Federal Engineering, Inc., located in Fair- 
fax, Va. 

“Until 1984, telecommunications in 
the U.S. operated in a cloud. Customers 
didn’t have to know about communica- 
tions because a carrier handled it. Divesti- 
ture blew the lid off that.” 


No coffee, plenty of POS 

Smith says, simply, that if a company does 
not have adequate communications plan- 
ning, it does not have adequate disaster 
recovery. “During a major electrical 
storm a few years ago I happened to be in 
a Denny’s coffee shop that lost power,” 
Smith says. “It couldn’t heat the coffee, 
but its point-of-sale [POS] system was up, 
and that impressed me. It had installed an 
independent network for its POS. 

“This situation doesn’t mean that your 
mainframe site has to be directly linked to 
a hot site,” Smith explains. “It just means
you have to do some alternate planning. 
You have to develop the kinds of networks 
that are multinodal, in which, no matter 
which node you lose, you can still oper- 
ate.” 
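Smith's requirement can be checked mechanically: a network in which the loss of any one node still leaves the rest able to operate is one with no articulation point (cut vertex). The added example below (constructed topologies, placeholder site names, not Smith's or Comvac's material) finds the nodes whose loss would split the network, and lists which sites lose the data center when a given node goes down.

```python
"""Checking the 'multinodal' requirement: no single node whose loss stops
the rest from operating.  In graph terms the network must have no
articulation point (cut vertex).

Added example; the two topologies are constructed and 'DC', 'HUB' and
'STORE' are placeholder names.
"""
from collections import deque


def build(edges):
    """Undirected adjacency from a list of (a, b) links."""
    graph = {}
    for a, b in edges:
        graph.setdefault(a, []).append(b)
        graph.setdefault(b, []).append(a)
    return graph


def articulation_points(graph):
    """Nodes whose removal disconnects the network (Hopcroft-Tarjan DFS)."""
    disc, low, parent, cut = {}, {}, {}, set()
    clock = [0]

    def dfs(u):
        disc[u] = low[u] = clock[0]
        clock[0] += 1
        children = 0
        for v in graph[u]:
            if v not in disc:
                parent[v] = u
                children += 1
                dfs(v)
                low[u] = min(low[u], low[v])
                is_root = parent[u] is None
                if (is_root and children > 1) or (not is_root and low[v] >= disc[u]):
                    cut.add(u)
            elif v != parent[u]:
                low[u] = min(low[u], disc[v])

    for start in graph:
        if start not in disc:
            parent[start] = None
            dfs(start)
    return cut


def cut_off_by_losing(graph, lost, data_center):
    """Which nodes can no longer reach the data center if `lost` goes down."""
    seen, queue = {data_center}, deque([data_center])
    while queue:
        u = queue.popleft()
        for v in graph[u]:
            if v != lost and v not in seen:
                seen.add(v)
                queue.append(v)
    return set(graph) - seen - {lost}


# Constructed topologies: a single hub, and two hubs with every store dual-homed.
STAR = build([("DC", "HUB"), ("HUB", "STORE1"), ("HUB", "STORE2")])
MESH = build([("DC", "HUB-N"), ("DC", "HUB-S"), ("HUB-N", "HUB-S"),
              ("STORE1", "HUB-N"), ("STORE1", "HUB-S"),
              ("STORE2", "HUB-N"), ("STORE2", "HUB-S")])
```

The star is the shape most sites inherited from a single carrier; the mesh is what "no matter which node you lose, you can still operate" looks like when drawn out, and the second function is the quick answer to the question management actually asks, namely which stores go dark.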

That idea makes sense to Don Moeller, 
disaster recovery manager for Comvac 
Disaster Recovery, Inc., of Indepen- 
dence, Ohio. Comvac’s new cold shell fa- 
cility is equipped with 200 pairs of dial-up 
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Fire tests Canadian firm’s disaster plan 

BY KRISTEN NOAKES-FRY
SPECIAL TO CW FOCUS

On Oct. 26, 1986, a fire destroyed the central data center 
of Montreal-based Steinberg, Inc., a $4.5 billion Canadian 
retailer that operates a chain of hundreds of supermar- 
kets, restaurants and stores and employs 30,000 people. 
The resulting water damage and power and communica- 
tions outage put Steinberg’s data center out of business 
and halted DP services to the entire Steinberg chain. 

Within two days, Steinberg staff members working at 
Comdisco Disaster Recovery Services, Inc.’s New York 
Metro Recovery Center, located in Carlstadt, N.J., re- 
stored DP activities to the entire chain and were soon able
to issue a payroll to thousands of employees. 

The following is the chronology of events: 

• Oct. 26. Fire is discovered at 6:00 p.m.

• Oct. 27. The disaster is reported to Comdisco at
11:45 a.m. Steinberg’s 25-member disaster recovery
team leaves from Montreal to join the Comdisco recovery
staff and technicians at the hot site in Carlstadt. Ten
thousand tapes from the Steinberg data center are loaded
onto a 45-ft trailer, put through customs and rushed to the
Carlstadt site. Seventy members of Steinberg’s DP man-
agement and staff relocate to a cold site in Montreal.

• Oct. 28. Critical systems are restored to stores.

• Oct. 29. Normal business is resumed. Weekly pay-
checks are distributed to 28,000 Canadian employees.

The key to Steinberg’s survival was its prior prepara-
tion and planning. At the time of the fire, Steinberg was
one of a consortium of Canadian companies instrumental
in developing a cold site at Comdisco’s Montreal Recovery
Center. The firm was also a hot site subscriber at the
New York Metro Recovery Center and had a contingency
plan in place that had been tested earlier in October when
employees practiced a move to the Carlstadt center.

The following tips may help companies stay in busi-
ness after a disaster strikes:

• A firm needs management commitment.

• A firm needs a detailed disaster recovery or contin-
gency plan in which everyone in the company is involved.

• A firm needs disaster training for employees.

• A firm needs to rehearse and update the plan.

Noakes-Fry is an associate editor and analyst for Datapro Reports on
Information Security, published by Delran, N.J.-based Datapro Re-
search Corp. This article appeared in the Datapro report.
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or multipoint lines and is aimed 
at servicing medium-size cus- 
tomers that are more apt to cen- 
ter their computing on minis 
than on the bigger mainframes. 

It also makes sense to Nathan 
Braught, consultant with Oak 
Park, Ill.-based Ecos Environ- 
mental Systems. 

“You have to remember that 
a lot of the power technology 
driving today’s computers is 40 
or 50 years old,”’ Braught says. 
“It’s getting worse every day.” 

Other options are appearing. 
Now a very competitive market, 
the disaster recovery area used 
to be almost exclusively an IBM 
domain where big players like 
Comdisco Disaster Recovery 
Services and Sunguard catered 
to heavyweight IBM mainframe 
customers. Now, some disaster 
recovery firms are bucking the 
trend and offering more region- 
alized services to smaller groups 
of clients using computers from 
Prime Computer, Inc., Data 
General Corp. and other non- 
IBM vendors. 

O’Neill Data Systems of Len- 
ni, Pa., for example, provides DG 
computer users with backup and 
recovery services, while Dallas- 
based Transfirst Corp. has gone 
into business with Comdisco to 
offer disaster recovery services 
to Tandem Computers, Inc. cus- 
tomers. 

“I think we’re seeing a stron-
ger secondary hot site market
emerging that does not try to be
all things to all people,” Chi/Cor
Information’s Effgen says. “This
market’s main attraction is going 
to be price, and [its players] are 
going to try and position them- 
selves away from the big guys.” 

Among the least expensive of 
disaster recovery options is to 
contract a reciprocal agreement 
with another firm to provide for 
processing on its system. 

But the computer industry 
keeps changing. The feasibility 
of arranging reciprocal agree- 
ments is not so obvious now. 
RCA’s Bannon points out one big 
weakness in most reciprocal 
agreements: the possibility that 
the other company could ill af- 
ford to give another firm pro- 
cessing time when it is needed. 

Installing dual, or mirror, data 
centers is probably the most reli- 
able disaster recovery option. It 
is also the most costly. One 
drawback lies in maintaining dual 
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data center applications that em- 
ploy redundant equipment. 
“When we originally imple- 
mented dual data centers in the 
1970s, there weren’t very many 
good hot site services available,” 
Norwest Technical’s Brock ex- 
plains. “In those days, most 
transactions were batch, not on- 
line. During the years, however, 
it became increasingly inconve- 
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nient to have work divided be- 
tween data centers. At the same 
time, hot site services were im- 
proving.” 

Charles Perkins, a supervis- 
ing consultant with the manage- 
ment consulting services divi- 
sion of Coopers & Lybrand in 
Baltimore, claims that most dual 
data center applications employ 
redundant equipment and can
waste money.

“There’s overkill with many 
of the larger dual data sites,” he 
says. “It gets very expensive.” 

Whatever option an organiza-
tion chooses, everyone seems
to agree that one of the first
steps in disaster recovery plan-
ning should be the identification
of critical applications. Should
problems occur, these would be
the first a firm would bring up.
“But even that’s not as obvi- 
ous now,” Federal Engineer- 
ing’s Bosco explains. “The
greater use of computers in busi- 
ness is changing security game 
plans. It used to be payroll, ac- 
counts receivable and other fi- 
nancial considerations that were 
always identified as the major ap- 
plications to go up first. That’s 
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The key to VM security is a product that 
provides comprehensive, flexible pro- 
tection, yet does not force you to change 
source code, or the way you run your 
operation. ALERT/VM™ protects your VM 
resources, including the DIAL command, 
without any modifications to CP. Yet it is 
easy to use by auditors and security 
administrators since security can be 
defined on-line, using either menu-driven 
panels or an English-like language. 
ALERT/VM is modular, which means 
you can define security by resource, by 


user, by terminal type, or by terminal 
group. In any combination you wish. 
ALERT/VM also gives you the ability to 
customize CP privilege classes. You can 
allow (or prohibit) any command, and you 
can specify exactly which other users a 
specific command can act upon. Both of 
these facilities can be defined at the indi- 
vidual user level. 

ALERT/VM’s extensive report writers 
enable you to completely customize your 
batch reports, insuring that everyone in 
your organization gets the information 


they require, in the format they want to 
see it. For example, you can create a report 
showing who tried to access the payroll 
file between certain hours on a particular 
day with just three entries from an on- 
line screen. 

If you’ve been looking for a VM secu- 
rity product that gives you complete, 
customized, flexible control over your 
VM resources, ALERT/VM is the product 
you’ve been waiting for! To obtain more 
information about ALERT/VM, call us 
today at 800-848-4640. 
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not necessarily true today. 

“For example, I have a manufacturing 
client and asked it what was critical to its 
business. Almost by rote it answered, 
‘Payroll.’ We replied that come payroll 
day, if the system was still down, the com- 
pany could bring in blank checks, have 
temporary help fill them out and have 
them signed by the president. That 
wasn’t critical. What was critical was its 
shop floor control, which was run by com- 
puters. If that went down, the firm 
couldn’t produce to meet demand in order 
to survive. The company wasn’t aware of 
just how critical computers had become to 
every part of its business,” Bosco says. 

Putnam’s Lucey points out that his bank was more than clear on pinpointing what had to go up after disaster struck.

“We have two critical applications,” Lucey explains. “One is shareholder accounting for the people who give us their money to invest. The other application is the reverse side. Once we have the money, we have fund managers who buy and sell various securities in the open market. We have to keep track of those transactions as well so we know what the value of the mutual funds are at any point in time.

“Both of these [applications] are crucial to our survival. And the only way to make sure they are secure is to keep testing,” Lucey says.

Catherine Weyhausen is corporate security manager at AT&T in Cherry Hill and one of the people behind AT&T’s “It’s Your Move” internal computer security program. She explains that part of the program requires AT&T department managers to periodically match their critical applications against a policy guide issued by the company.


RICK EFFGEN
CHI/COR


OMNIGUARD provides comprehensive security for all your VM resources.

OMNIGUARD/VM eliminates the risk of running an unprotected VM environment by providing complete and comprehensive control over all your CP and CMS resources. Transparent, reliable and easy to install, OMNIGUARD/VM doesn’t require the reassembly of your system modules.

OMNIGUARD/VM:

Installs easily in just a few hours.

Protects CP and CMS commands, CMS files, OS and DOS data sets, programs, spool files, EXECs and REXX, SVCs, terminals, and users.

Permits a controlled, phased-in implementation. Select basic rules and expand them gradually. Or choose a “test mode,” where violations are permitted, but logged.

Lets you choose centralized or decentralized security administration. Security policies can be created and maintained independent of each other.

Through easy to use on-line facilities, lets you add or delete resources and make temporary or permanent security rules at any time.

Provides complete and continuous audit capabilities of VM resource usage.

Don’t take the risk of someone violating your system—let OMNIGUARD protect all your VM resources. Call or write for more information, On-Line Software International, Inc. Two Executive Drive, Fort Lee, NJ 07024. OEM, VAR, and Service Bureau programs are available. Product seminars are available in your area—call for dates and locations.

In Canada: 201-592-0009
In Europe: 44-1-6313696

OnLine Software International

OMNIGUARD. Comprehensive Security to Protect All Your IBM Mainframe Environments.

IBM is a registered trademark of International Business Machines.
“The ‘It’s Your Move’ program is a series of checks and balances down the [managerial] line,” Weyhausen explains. “Identifying important applications is a major concern.”

However, Effgen advises against always weighing everything in relation to the computer when working on contingency plans. “The data center is usually the place where security tends to start,” he admits. “But in the Norwest [fire in 1982], the Steinberg and the Putnam disasters, the data centers were fundamentally unharmed; they were just inaccessible. And people are realizing that it is not much good if you can get into the data center but the user areas are gone. There are certain things that will certainly be dependent on computers and other things that will not be so dependent.

“The largest single issue that clients avoid upfront,” Effgen adds, “is what I call postdevelopment issues involving plan maintenance, ongoing testing and moving the [disaster recovery] program into user areas. You have to maintain a plan and constantly test it.”

Effgen agrees that critical applications are changing as businesses change. “Today, people who are smart do what is called risk analysis,” he says. “We go in and interview what are perceived to be the critical departments. We’ll interview users and see what’s going on and get a sense of what the impact would be of losing an application from a legal, operations and financial standpoint.”

Smith from the Association of Contingency Planners says that “we tell everyone not to plan for a specific event. That’s not the one that will happen.”


Lived to tell about it 
Those who have been through disaster 
might concur. 

The communications managers at Pa- 
cific Bell in Riverside, Calif., who recently 
spent time cleaning up the mess to their 
switching system caused by blasts from a 
disgruntled former employee’s shotgun, 
would probably agree. 

So would Sheldon Harris, vice-presi- 
dent of data processing and information 
services at Bankers Life & Casualty Co. 
The Chicago company, which has an ex- 
tensive disaster recovery plan in place, 
spent a frustrating time last year trying to 
arrive at the source of a problem that kept 
crashing the tape drives of their IBM 
mainframe. For no apparent reason, Har- 
ris explains, the mainframe would periodi- 
cally stop to conduct communications/in- 
terface checks. The situation was causing 
havoc with the firm’s on-line applications. 

Harris says he brought in everybody, 
the bank’s MIS people, people from the 
tape drive manufacturer and consultants. 
Nobody could figure it out. Finally, Harris 
brought in some people from Ecos Envi- 
ronmental Solutions. Ecos did some de- 
tective work and came up with an answer. 

“They checked the power system, everything,” Harris explains. “Finally, Ecos correlated the factor of low humidity and the high incidence of interface control checks. It seemed that carts and workers in the computer room were building up a large amount of static electricity that was not dissipating. As soon as a cart or one of the employees touched the mainframe, it would zap the drives.

“I admit it’s embarrassing,” Harris says. “It took us six months to figure out. And all the time it was right under our noses.”
Site uptime management

An ounce of disaster prevention is worth a pound of cure

BY KENNETH BRILL


In addition to planning for disaster recovery, MIS must eliminate or minimize the potential for disaster in the first place. By maintaining a state of preparedness for both people and systems, MIS can help its organization skirt a catastrophe.

The capacity for avoiding disaster is the result of a carefully thought-out management process called “site uptime management.” In a new facility, site uptime management begins with a critical yet deceptively simple conceptual engineering block diagram that lays out equipment choices and capacities, bypassing interconnections, redundancies, maintenance procedures and off-line testing as well as human factors.

This diagram determines the disaster risks 
the site should be capable of withstanding. It 
also sets a maximum limit on uptime reliability. 

Site uptime management continues as construction proceeds and the site takes physical shape. MIS runs acceptance tests knowing that bugs exist and that it must wring them out before the site goes on-line. The staff needs to be trained and rehearsed on what to do in the event of an emergency.

Even then, the job isn’t over. Site uptime management is a continuous process of manufacturing uptime and controlling downtime risks through preventive maintenance and testing. This process will last indefinitely or until the site is taken out of service.

Although disaster avoidance is at the heart of site uptime management, an annual disaster risk inspection may be appropriate. Similar in concept to the fire and accident hazard inspections made in very large plants by insurance carriers, the purpose of the risk inspection is to assure all involved that the company is following the site management plan, that it is competently performing scheduled preventive maintenance, that site equipment is in good repair and that there are no obvious disaster hazards.

The definition of a physical disaster has been 
subtly changing as uptime expectations have in- 
creased. Only five years ago, relatively few MIS 
departments were trying to achieve uptimes 
higher than 95%. Today, this situation has al- 
most totally changed. With the advent of on-line 
transaction processing, uptime expectations 
have grown, and levels of 98% and even 99.5% 
are now not all that uncommon. 

In recognition of the growing importance of on-line systems, the traditional concept of a catastrophic disaster needs to be expanded to include “site downtime.” From an end user’s standpoint, it doesn’t matter whether the computer is down because of a fire or a momentary power flicker; the results are the same: The user can’t perform his job. In large organizations, this event quickly becomes a customer service, sales or accounting disaster with large dollar implications.


Brill is a site uptime consultant and president of Compu- 
tersite Engineering, a Cambridge, Mass.-based engineering 
consulting firm specializing in site conceptual design, ac- 
ceptance testing and management of uptime. 
A site usually has up to 17 environmental subsystems. These subsystems must be working as a life-support network before computer hardware can be powered on. These subsystems form an interconnected and interdependent network so that overall site reliability is determined by the weakest subsystem link. As a result, the failure of an insignificant $5 part can result in unexpected and potentially expensive site downtime.

The site subsystems are as follows:

• Uninterruptible power systems: Including utility service entry, high-voltage transformers and building switch gear; lightning protection; electrical power risers and distribution; 60Hz uninterruptible power supply (UPS); UPS air-conditioning; 415Hz frequency converter or UPS; battery plant for UPS; emergency generator; computer room power distribution; grounding.

• Cooling systems: Including mainframe process cooling; computer room air-conditioning and humidity control.

• Human factors: Including training, testing and rehearsing staff.

• Other critical systems: Including detection and suppression; raised flooring and environmental surfaces; physical security and access control; monitors, alarms and remote operating.

While site malfunctions are usually rare, when they happen, they have a profound impact on everyone involved. Because site malfunctions typically tend to run in cycles with a second and third malfunction usually taking place before the original problem is found, computer operations can just be returning to normal when disaster strikes again. A single cycle of site malfunctions can easily put overall computer uptime goals out of reach for an entire quarter or even for the entire year in especially serious cases.

When a site crashes, everything de- 
pendent on the site must also crash, with 
damage to both hardware and software a 
virtual certainty. 

If computer hardware won’t restart once the site is back up, MIS must identify the defective components and then either repair, replace or bypass them. Only after hardware uptime has been restored can the task of assessing software damage begin.

The length of time to recover software and data will depend on what the machine was processing at the time of the site malfunction and how far back operators must go to find a checkpoint from which to start reprocessing.

Assume that a site malfunction occurs. 
Depending on the size and complexity of 
the site, it might take between 15 min- 
utes to one hour for someone to diagnose 
what went wrong, fix it and decide that it 
is now safe to try bringing computer hard- 
ware back up. 

Again, depending on size and complexity of the site, it could take 30 minutes to one hour to restart hardware and an additional 45 minutes to two hours to restore software. Thus, a momentary site malfunction lasting only seconds could be amplified into between one and one-half hours and four hours of computer outage, which, for large on-line systems, could represent a cost of many tens of thousands of dollars.

For 99% uptime, the total duration of computer outages cannot exceed three and one-half hours per month based on a prime time of 13 and one-half hours of operation six days a week. A single momentary power flicker invisible to the eye can easily consume this and more, leaving no reserve for other problems.


DATASPHERE WAS THE KEY TO SUBARU’S NEW COMPUTER CENTER

Subaru is a great car, as continually increasing Subaru sales will attest! And when Carl L. Daddona, Subaru’s Director of Operations, needed a great computer facility to support this growth, he knew a specialist was required. So Subaru called Datasphere, America’s premier designers and builders of Data Processing facilities.

And don’t confuse Datasphere with contractors, vendors, architects or engineers who claim to have experience “designing” computer rooms. Because Data Processing facilities are special and require the myriad skills and proven experience that only Datasphere routinely offers.

Datasphere is your best choice to design and build a new computer facility because: We’re specialists. Our only business is designing and building computer rooms. The most experienced. We’ve designed and built hundreds of thousands of square feet of data centers around the world.

Shouldn’t you call Datasphere? Yes! Whether you need a controlled environment for a mini or a huge mainframe facility—including a site and building—call Datasphere. And please call us early. An initial consultation won’t cost you a penny, but could save you thousands of dollars. 1-800-221-0575

MIS must systematically identify po- 
tential site disaster risks individually for 
each of the 17 subsystems and then exam- 
ine how each interacts with one another 
as a system. It needs to then rank these 
risks by both the probability of their oc- 
currence and by the duration of the result- 
ing computer outage while uptime is be- 
ing restored. With proper site design, 
preventive maintenance and regular test- 
ing, these downtime threats can be great- 
ly reduced or eliminated. 
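To make the uptime arithmetic in the preceding paragraphs concrete, here is an added example (not from the article or its author) that works through the outage amplification, the monthly outage budget for a 99% goal, and a probability-times-duration ranking of site risks. The 52/12 weeks-per-month figure, the expected-outage ranking rule and all risk figures are assumptions made for the example.

```python
# Added example: site uptime arithmetic from the article, worked through.
# The risk list below is constructed sample data, not measured values.
from dataclasses import dataclass

WEEKS_PER_MONTH = 52 / 12  # assumed average weeks per month


def amplified_outage_minutes(diagnose, restart, restore):
    """Computer outage caused by a momentary site malfunction.

    Each argument is a (low, high) range in minutes for one recovery phase:
    diagnosing and fixing the site, restarting hardware, restoring software.
    Returns the (low, high) total outage in minutes.
    """
    low = diagnose[0] + restart[0] + restore[0]
    high = diagnose[1] + restart[1] + restore[1]
    return low, high


def monthly_outage_budget_hours(uptime_goal, hours_per_day=13.5, days_per_week=6):
    """Hours of outage per month an uptime goal allows against a prime-time
    schedule (defaults: the 13.5-hour day, six days a week, the article uses)."""
    prime_hours = hours_per_day * days_per_week * WEEKS_PER_MONTH
    return prime_hours * (1 - uptime_goal)


@dataclass
class SiteRisk:
    subsystem: str
    description: str
    monthly_probability: float  # chance the malfunction happens in a month
    outage_hours: float         # computer outage while uptime is restored

    @property
    def expected_outage_hours(self) -> float:
        return self.monthly_probability * self.outage_hours


def rank_risks(risks):
    """Rank risks by expected monthly outage (probability times duration),
    worst first. Combining the two criteria this way is the example's
    choice, not a method the article prescribes."""
    return sorted(risks, key=lambda r: r.expected_outage_hours, reverse=True)


def budget_consumed(risks, budget_hours):
    """Fraction of the monthly outage budget the expected outages consume;
    a value above 1.0 means the uptime goal is unreachable without fixes."""
    expected = sum(r.expected_outage_hours for r in risks)
    return expected / budget_hours


# Constructed sample risks drawn from the subsystem groups the article lists.
SAMPLE_RISKS = [
    SiteRisk("Uninterruptible power", "momentary utility power flicker", 0.50, 2.5),
    SiteRisk("Uninterruptible power", "generator fails to carry load", 0.05, 4.0),
    SiteRisk("Cooling", "slipping blower belt overheats the UPS", 0.10, 3.0),
    SiteRisk("Other critical", "$5 part fails in alarm controls", 0.02, 8.0),
]

if __name__ == "__main__":
    low, high = amplified_outage_minutes((15, 60), (30, 60), (45, 120))
    print(f"one flicker -> {low / 60:.1f} to {high / 60:.1f} hours of outage")
    budget = monthly_outage_budget_hours(0.99)
    print(f"99% uptime budget: {budget:.2f} hours per month")
    for r in rank_risks(SAMPLE_RISKS):
        print(f"{r.expected_outage_hours:5.2f} h  {r.subsystem}: {r.description}")
    print(f"budget consumed by expected outages: {budget_consumed(SAMPLE_RISKS, budget):.0%}")
```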

Take, for example, the risk that the 
emergency generator won’t start or fails 
to carry its load. From a reliability stand- 
point, about the worst thing that one can 
do to an emergency generator is exercise 
its engine with no load. If this is done over 
an extended period, the carburetor or fuel 
injectors are likely to get clogged, which 
can cause the engine to fail when it has to 
pull an emergency load. 

If this generator fails, the consequences are that both the computer room and UPS will lose computer process cooling and air-conditioning. If the generator is not successfully restarted or if utility power doesn’t return, it only takes seven to 10 minutes for the ambient computer room temperature to rise from 70 degrees Fahrenheit to 90°F. At this temperature, controls should automatically remove power from the computer and the UPS, causing a crash but ensuring that neither gets cooked.

The typical reason that generators are 
not load-tested is that the only load avail- 
able is the computer itself. Often, the 
maintenance people want to test the gen- 
erator (or any other piece of similar equip- 
ment) for emergency readiness. Howev- 
er, the only way they can test it is to use 
the computer as a live load, which the DP 
people won’t permit. As a result, a stale- 
mate develops and the equipment re- 
mains untested until an actual emergency 
occurs. If it fails then, there is usually 
plenty of finger pointing. 

MIS can learn several things from this 
example. First, testing the generator un- 
der load is critical and greatly increases 
readiness. Second, if the equipment ne- 
cessitates professional maintenance, a 
means for testing equipment under load 
and independent of the computer must be 
provided in the design and construction of 
the site. Third, if the generator fails to 
start, within five minutes someone in au- 
thority must decide whether to order a 
computer system shutdown to avoid the 
hard crash that will happen when auto- 
matic temperature controls take over. 
Rehearsing key personnel on how to take 
charge and what to do in an emergency 
situation can greatly reduce potential 
downtime damage. 

Site uptime begins with a statement of 
management's goals that include not only 
uptime but also a time limit on the dura- 
tion of site downtime before uptime must 
be restored. 

The downtime risks a company must 
protect against are affected by site loca- 
tion, geography, weather conditions, lo- 
cation of the site relative to the utility’s 
distribution grid, annual temperature ex- 
tremes and other factors. After consider- 
ing these factors, a conceptual block 
equipment diagram of the site can be laid 
out showing the equipment to install, in- 
terconnections, bypassing, off-line test- 
ing capability and how much capacity and 
redundancy will be required. 
Implicit in the block diagram are key strategic planning decisions that will determine future reliability. It is very important to keep in mind that once the site goes on-line, it probably can never be completely turned off.

A company needs to anticipate failure 
modes for every site subsystem and key 
components within each subsystem. 
Ways of taking components on- and off- 
line without disruption to the computer 
must be designed into the site from the 
very beginning. In addition to anticipating 
repair problems, the block diagram must 
also provide for the performance of regu- 
lar preventive maintenance and periodic 
load-testing of selected components with- 
out exposing the live computer load to 
risk or disruption. 

To make this scenario more tangible, 
consider the uninterruptible power sys- 
tem. Made up of 10 subsystems, the pur- 
pose of an uninterruptible power system 
is to control the flow and quality of the 
electrical energy the computer receives. 
Each of the 10 subsystems serves a spe- 
cialized purpose. However, they may not 
all be required depending on manage- 
ment’s stated uptime goals. 

Many customers that want an uninterruptible power system end up getting an uninterruptible power supply, or UPS, instead. A UPS is only one of 10 subsystems that must be assembled to form a true uninterruptible power system. At a minimum, air-conditioning and batteries are required to make the UPS an uninterruptible power system.

Even with these extra subsystems, re- 
liable uptime is still not assured. The air- 
conditioning must be redundant or a slip- 
ping blower belt will be magnified into a 
site crash when the UPS overheats. With- 
out batteries fully ready, a static UPS is 
very limited in what power conditioning it 
can perform. Any power failure on the in- 
put will be passed through to the output. 

Ideally, it should be possible to pur- 
chase a factory-made uninterruptible 
power system from a manufacturer that 
carefully optimizes costs and benefits, 
takes advantage of previous mistakes and 
guarantees uptime. 


Uptime results not included 

With few exceptions, this is not what gen- 
erally happens. Instead, the uninterrupti- 
ble power system’s subsystems were de- 
signed by the manufacturers and 
consultants who got paid for rendering 
services or delivering the product but not 
for achieving contracted uptime results. 

Based on plans and specifications, a 
low-bid contractor will assemble an unin- 
terruptible power system on a site using 
major components from at least 15 differ- 
ent manufacturers. 

This project is usually done under se- 
vere time constraints with little or no 
quality control supervision. Workers may 
be unfamiliar with the equipment they are 
installing or may not understand how to 
make the interface connections between 
subsystems. 

The only way to know that all subsystems will work is to test the site under simulated load conditions. This means bringing in load banks to test the UPS, batteries, emergency generator and cooling systems. A technically competent person who represents the owner’s uptime interests should supervise the testing. If the site’s conceptual and detailed engineering has been executed well, the initial deficiencies found during testing will cluster around installation problems in interfacing interconnecting alarms and controls.

As full load is applied and maintained 
for at least 24 hours, additional problems, 
which are generally easy to fix, will start 
showing up. 

Typical problems that occur include such mishaps as a chilled CPU water pump and an emergency generator fuel pump both getting utility power instead of uninterruptible power system power. In the event of a utility power failure, the chilled water pump would stop circulating coolant through the CPU. The CPU would overheat and a subsequent hard crash would occur even though the machine received uninterrupted power from the uninterruptible power system.

In the second example, the generator 
would run out of fuel about 30 minutes af- 
ter the utility fails. If found during testing, 
these problems are minor. Once the site 
has gone hot however, any malfunction is 
serious business. 


What to look for in an inspection 

It is wise to have an annual disaster risk inspection. Such an inspection of the emergency generator would include a visual inspection of the unit and related controls; checking the starting battery for acid and cable connections; checking the engine for oil and water; starting the engine and observing the color of the exhaust smoke; applying full load and listening to how the sound of the engine changes and whether exhaust smoke changes color; observing the voltage and frequency meters for any sign of oscillation; watching the temperature of the engine rise, shutting the engine off and listening to how it stops; and finally, studying the generator maintenance log for any data on problems that might result in a future failure to carry load.

If similar risk inspections are performed on the other site subsystems, everyone, including top management, will know that everything possible has been done to prevent disaster and that the organization is getting full value from its expensive investment in site uptime equipment.


COMPUTERS INVITE CRIME. WHAT IF... YOU’VE LOCKED THE BAD GUYS INSIDE YOUR SYSTEM?

DON’T LEAVE A FOX IN CHARGE OF YOUR CHICKEN COOP

The fact is that most computer crime is committed by INSIDERS, many of them supervisors with high level access. The annual cost of this computer crime to business is $3 billion, with an average take per “heist” of $620,000.
Henry F. Nanjo
Director Systems and Data Processing
City and County of San Francisco
Age: 58
Budget: $30 million
Cross Country Skier

As the City and County of San Francisco has discovered, there’s only one sensible way to evaluate and integrate products into one cohesive information system. And that’s with a department strongly guided by an experienced, innovative information services professional like Henry Nanjo.

Henry didn’t always have a multi-million dollar budget, with responsibility for the acquisition of hundreds of micros every year. In fact, when he started working with San Francisco’s computers 31 years ago, Henry didn’t even have a DP department. He simply worked in accounting with the state-of-the-art IBM 305.

Over the years, many of the applications Henry developed have helped keep San Francisco among the country’s most innovative users of computer technology.

San Francisco made headlines recently with the first computerized fingerprint matching system. With it, prints can now be matched in less than 3 minutes—a far cry from the 4 weeks required to do the job by hand. Already, the system is credited with helping solve some 40 major unsolved crimes.

Today, Henry is in the process of evaluating both existing and potential vendors of minis and micros—and maintaining an approval list of vendors for purchases made throughout the organization. Every computer-related expenditure, whether it falls within Henry’s $30 million budget or the City and County’s $60 million budget, must bear the name of a vendor appearing on Henry’s approval list.

What little spare time Henry finds, he spends with his sons camping, hiking and cross country skiing in areas like Tahoe, Yosemite Park and the Shasta Mountains.

If you’d really like to reach Henry, you’ll find him on Monday mornings with his copy of Computerworld—he’s been a subscriber since the first issue. He finds Computerworld’s perspective meshes closely with the way he does business, covering everything from mainframes to micros, software and state-of-the-art technologies.

Information Services is full of bright individuals with individual visions. Yet they all seem to have one common insight.

Their favorite newspaper.

Computerworld.

Where you can read the future

Computerworld, 375 Cochituate Rd., Box 9171, Framingham, MA (617) 879-0700

An International Data Group Company
SECURITY SYSTEM TRADE-OFFS

BY REBECCA HURST

Don’t get locked into too much

If a high-speed computer zipping through data transactions is as sexy as a Porsche turbo, then the security it requires has all the attraction of auto insurance. It costs money, and you may or may not ever need it.

With few visible benefits linked to security, most DP and MIS professionals want to implement a sufficient degree of security without providing more than necessary. At the same time, these managers are trying to balance their need for security with cost, education and the end user’s need for reasonably simple access to corporate data.

Some companies have clearer security requirements than others. Organizations such as the government and banks need to protect sensitive information and billions of dollars, so they spend hundreds of thousands of dollars on data encryption systems regulated by the National Security Agency.

However, a great majority of organizations do not need top-of-the-line security, according to Daniel Lynch, president of Advanced Computing Environments, a Cupertino, Calif.-based consulting firm. “Some day, when we come to rely on electronic communications and it becomes a fabric of life, we will need [better security],” he speculates. “Right now, we don’t because we have not yet entrusted our lives entirely to the electronic transfer of information.”


Hurst is Computerworld Focus’s senior writer.

Already, users rely more on electronically stored information as they gain access to data through their personal computers. With increased PC use, managers are also finding a greater need for security. “PCs are an open invitation to breach security,” claims Jack Rodgers, director of marketing for the San Francisco-based software products division of On-Line Business Systems, Inc. With terminals, all the control is centralized at the mainframe, he explains. When processing is distributed between PCs and the central host, some mainframe controls are lost.

For example, Rodgers says, PC users 
can put alphabetic characters in numeric 
files. In a terminal-to-host situation, the 
mainframe software guards against this. 
Also, corporate computers lose their abili- 
ty to provide complete file and record 
locking. 

“Some products provide record locking,” he says, “but they don’t protect files.” Therefore, users can accidentally wipe out each others’ file updates and cause the system to lose its data integrity, Rodgers notes.

The use of PCs at Chicago-based United Airlines has brought a need for additional security, agrees Suann Lively, a staff analyst at the airline. “More and more, our company is using PCs for sensitive data,” she says.

At United, though, the main concern is right to access. “Our corporate philosophy is that access should be provided on a need-only basis,” Lively explains. “We want to secure information from prying eyes.”

Deciding who the company wants to 
protect its data from is one factor in deter- 
mining the type of security controls it 
needs to implement. However, before 
managers look at who gets access, they 
need to look at what they want to protect 
and what they want to protect it from, an- 
alysts agree. 

First, managers have to evaluate the 
assets they want to protect, says Wayne 
Cerow of Phoenix-based Cerow Investi- 
gation and Consultants. Some informa- 
tion is less valuable, and managers should 
not establish several password layers 
across the board. 

For example, “tutorial games don’t 
need four or five levels of security,” 
Cerow says. Managers should not estab- 
lish blanket security for the corporation, 
concurs Dipankar Basu, manager of mar- 
keting research for NCR Corp. in Dayton, 
Ohio. Instead, they need to examine us- 
ers’ security needs from department to 
department. 


Limitations on access 

After deciding what they want protected, 
managers then have to determine the 
type of access they want users to have, ac- 
cording to Lynch, who lists three types of 
limitations. 

MIS managers have to decide who can access the computer system, who can see
the data and who can alter the data. As a minimum requirement, he advises,
“Make sure that the people who use the system are known to you.”

MIS should also realize that controlling 
access is more difficult in some computing 
environments than others. Mainframe 
and minicomputer time-share systems 
provide logon features that allow MIS to 
control and monitor users accessing a 
computer, Lynch says. 

“Most local-area networks [LAN] do 
not [have these features] unless they have 
a file server.” With a file server, he notes, 
“the LAN becomes very much like a time- 
share system.” 

According to Lynch, one form of security is to limit access to whomever is
physically connected to the network. However, managers often need to add
security measures to maintain control over leak points in which there are
external communications along the LAN, he cautions. “When you provide dial-in
or dial-out facilities, modems and gateways, you need to complement security
measures so everyone doesn’t dial up and use the system.”

The nature of a company’s applications also can determine the ease with which
management can implement security controls. For example, the Northern Trust
Bank of Chicago has to limit access of remote users connected to the corporate
mainframe through PCs or terminals. The bank’s solution has proven simple
because its MIS department already designs the software and controls the
information, explains Frank Cesario, the bank’s vice-president of electronic
banking services.


Northern Trust has developed a security system based on password access and
controlled applications. “The software only addresses a set of specific
functions,” Cesario reports, “so it can only access certain files.”

Because this software does not have the ability to perform other tasks, Cesario
notes, “it’s much easier to put a fence around what users can do.”

After managers examine what they 
want to protect and the environment it re- 
sides in, the next step is identifying from 
whom they want to protect the data. 

Part of this process requires the DP professional to identify security
concerns. “Security has two meanings,” Rodgers says. One definition involves
protecting systems applications from theft or destruction; the other is
protecting data from corruption, he explains.

In terms of theft or tampering, most 
MIS managers are concerned about em- 
ployees rather than outside intruders. 

“Employee dishonesty is probably the 
chief security concern of 70% to 80% of 
MIS managers,” notes Kenneth Bosom- 
worth, president of International Re- 
source Development Corp., a Norwalk, 
Conn.-based consulting firm. 

Much of a manager’s concern is born out of experience, Bosomworth claims.
However, he says, “Organizations tend to be secretive about this [experience].
Most embezzlement and employee dishonesty is never specifically reported to the
police.” More than causing embarrassment, he explains, such internal crimes can
threaten high-level managers, including the company president.


Unintentional errors 
In protecting against data corruption, 
managers are generally concerned about 
user errors. For example, United’s secu- 
rity measures were designed for inexperi- 
enced users as well as high-tech intrud- 
ers. “As people are brought into new 
departments, they are being exposed to 
personal computers for the first time,” 
United’s Lively explains. “We want to 
guard against them making unintentional 
errors.” 

Equally important is making sure that the right people use the computer. “One
problem with security is that users often get frustrated because it’s difficult
for them to get the data they need,” NCR’s Basu comments.

Such frustration can lead to users sim- 
ply not utilizing the system or, worse, not 
using the security properly, Rodgers ex- 
plains. 

Users will commonly adapt to a hard-to-access system by creating computer crib
notes, Rodgers says. “People will literally tape their passwords or logon
procedures onto their monitors or put them in an adjacent drawer,” he explains.
Such practices can neutralize the effectiveness of a security system costing
several thousand dollars, Rodgers asserts.

“You can tell users not to write down their passwords, but they still will,”
Bosomworth adds. “People usually choose words such as the name of their dogs.
These are not unusually hard to memorize, but users will write them down
anyway.”

Security does not have to be difficult, 
however. There are several technological 
solutions that simplify security measures 
from the user’s perspective. In micro- 
computer-to-mainframe links, the soft- 
ware should provide all logical security, 
according to Basu. 

“Users should only have to type in an identification and a password,” Basu
maintains. “The product should not require a lot of user training.”

At United, MIS has combined password access with encryption to provide personal
computer users with easy communications to the company’s central processor.
“We allow users to select their own passwords because the tendency to paste
them up is much less likely,” Lively says. Users require these passwords to
unscramble certain encrypted files.

So far, the system has effectively met United’s needs, Lively states. “We
anticipated that users would forget their passwords, but in the past 11 years,
this has occurred only two times,” she reports. When users forget their
passwords, MIS has a backup recovery system with a master key to users’ files,
and “recovery takes just a few seconds,” Lively notes.
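
The arrangement Lively describes, a user-chosen password that unscrambles the
user’s files plus an MIS master key that recovers them without the password, is
what is now called key wrapping or envelope encryption. The following is an
added example written for this page, not United’s software: each file is
encrypted once under a random file key, and that file key is wrapped twice,
under a key stretched from the user’s password and under the MIS master key.
Because the Python standard library has no block cipher, the example assumes a
SHA-256 counter-mode keystream with an HMAC-SHA256 tag as its cipher; a real
deployment would substitute an authenticated cipher such as AES-GCM, and the
master key would live only in the backup recovery system.

```python
"""Added example: password-unlocked file keys with a master-key recovery path.
Not United's code.  Cipher is SHA-256 in counter mode plus HMAC-SHA256 (an
assumption made so the example runs with the standard library only)."""
import hashlib
import hmac
import os
import struct

NONCE_LEN = 16
TAG_LEN = 32
PBKDF2_ROUNDS = 100_000


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Block i of the keystream is SHA-256(key || nonce || i); seal() picks a fresh nonce each time.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + struct.pack(">Q", counter)).digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC.  Returns nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    stream = _keystream(key, nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Check the tag in constant time before decrypting; a wrong key or altered data raises."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or altered data")
    stream = _keystream(key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, stream))


def password_key(password: str, salt: bytes) -> bytes:
    """Stretch the user's chosen password into a 32-byte key-encryption key."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def protect_file(plaintext: bytes, password: str, master_key: bytes) -> dict:
    """Encrypt the file once under a random file key, then wrap that key twice:
    once under the password-derived key, once under the MIS master key."""
    file_key = os.urandom(32)
    salt = os.urandom(16)
    return {
        "salt": salt,
        "user_wrapped_key": seal(password_key(password, salt), file_key),
        "mis_wrapped_key": seal(master_key, file_key),
        "ciphertext": seal(file_key, plaintext),
    }


def open_with_password(record: dict, password: str) -> bytes:
    """The user's normal path; a wrong password fails the tag check on the wrapper."""
    file_key = unseal(password_key(password, record["salt"]), record["user_wrapped_key"])
    return unseal(file_key, record["ciphertext"])


def recover_with_master_key(record: dict, master_key: bytes) -> bytes:
    """The MIS recovery path: no password needed and nothing is re-encrypted."""
    file_key = unseal(master_key, record["mis_wrapped_key"])
    return unseal(file_key, record["ciphertext"])


if __name__ == "__main__":
    master = os.urandom(32)  # would be held only by the MIS backup recovery system
    record = protect_file(b"constructed sample: route yields", "rover", master)
    assert open_with_password(record, "rover") == b"constructed sample: route yields"
    assert recover_with_master_key(record, master) == b"constructed sample: route yields"
    print("user path and master-key recovery both succeed")
```

The point of wrapping rather than encrypting the file under the password
directly is that a forgotten password costs only a re-wrap of the file key, the
file itself is never decrypted and re-encrypted during recovery, and the master
key never has to be typed at a user’s PC.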
Sophisticated micro-to-mainframe products will also provide a script facility
that MIS can use to write in the mainframe logon procedures, Rodgers says.
Using these scripts, a user can enter a password, which activates the logon
process.


Problems in overnight transfers 
The problem with such features, Cerow comments, is that they also make it easier
to break into the system. “If users have to do an overnight transfer, they have
to leave their password on the screen where anyone can see it,” Rodgers concurs.

One solution developed by On-Line Business Systems is a means for hiding the
password in the code of Excellink, the firm’s micro-to-mainframe product. When
users initiate an overnight transfer, the password disappears from the screen
and is stored in Excellink as data, Rodgers explains. To locate the password, a
user would have to know the code for both Excellink and Microsoft Corp.’s
MS-DOS, he reports. “That’s a virtually impossible task.”

Some easy-to-use security devices 
vendors are touting are ID cards that us- 
ers can pop into their systems, voice rec- 
ognition products and scanners that iden- 
tify fingerprints or the unique pattern of 
blood in the retinal wall of the user’s eye. 

However, these solutions do not have many real-world applications, according
to many experts.

ID cards are easy to use, Rodgers acknowledges, but they also can be easily
lost or stolen.

Retinal vessel patterns are not suscep- 
tible to duplication, according to a recent 
International Resource Development re- 
port on security, but the study’s findings 
question whether many people will be 
comfortable subjecting their eyes to an in- 
frared scan. Additionally, such scanning 
devices cost more than people are willing 
to pay, according to Advanced Comput- 
ing’s Lynch. 


SECURITY SYSTEM TRADE-OFFS

‘People are cost-sensitive’
In fact, DP managers apparently are reluctant to implement even the more
traditional forms of security. “People are cost-sensitive,” Lynch comments.
“Enough users will have to lose big before they decide that security is worth
the extra cost.”

Thus, vendors such as Sun Microsystems, Inc. of Mountain View, Calif., are often
far ahead of market demand. “Sun has built in a space for a cryptology chip in
its workstations,” Lynch notes, “but no one’s asking to have one plugged in.”

A more cost-effective approach to bal- 
ancing ease of use with security is the 
dedication of management resources. 
The obvious tactic for managers is to edu- 
cate users on proper security practices, 
according to Rodgers. 

“Perfectly good passwords have to be changed frequently because of users’
carelessness,” he asserts. Managers need to encourage users not to write down
their passwords or leave them on the screen when they are at lunch, Rodgers
says.

“Employees are basically honest,” 
Cerow explains. “If managers make em- 
ployees aware of security practices and 
their importance, they are less likely to in- 
advertently give off a password or leave 
their terminals unattended.” 

The end user’s awareness is a very inexpensive security measure, but it is not
effective without backing from top management. “A company has to develop the
policies and procedures for security before it can expect employees to follow,”
Cerow adds.

Ultimately, then, the management of 
security rests on MIS. However, MIS of- 
ten has not given security its full atten- 
tion. Sometimes MIS takes shortcuts in 
developing and implementing an applica- 
tion, Rodgers says. 

For example, it is critical for the ac- 
counts payable software to be up and run- 
ning, but initially, MIS does not need to 
complete the documentation. 

Similarly, he says, the application doesn’t need security features to work.
Because of deadline demands, MIS tends to implement these measures after the
fact. “That’s the reason why MIS is not very good about security,” Rodgers
concludes.


Interest on the upswing 

In the past few years, though, MIS has be- 
gun devoting more attention and re- 
sources to security, Rodgers acknowl- 
edges. 

Reasons for this interest include the in- 
creasing use of micro-to-mainframe links 
and their attendant security problems as 
well as a heightened awareness of securi- 
ty breaches, he says. “I can recall one 
company in which security was not an is- 
sue until a board member read about a 
$50,000 embezzlement in The Wall 
Street Journal,” Rodgers says. 

Though security has caught MIS’s at- 
tention, it may be a few years before sys- 
tem managers implement solutions. 

According to Rodgers, MIS managers don’t want to choose products and policies
that only solve half of their security problems. Until they find the
combination that provides a complete solution, they will not move ahead.
“That’s why MIS does not yet have all its security ducks in a row,” Rodgers
says.
SECURITY
TECHNOLOGY INSIGHT 


Tinker, tailor, network

BY JOHN VACCA

The increasing popularity and population of micros present many problems and
risks for MIS. With systems spread among a variety of users, far from MIS’s
supervision, micro users can easily inflict serious damage to a network either
through unwitting misuse or through intentional fraud or sabotage. As companies
replace dumb terminals with micros to allow mainframe access and help mitigate
the data processing burden, the potential for network security problems and
risks increases.


Companies can minimize the chance of intrusion through protective devices and
procedures and through ensuring that if a break-in does happen, it will be
detected as soon as possible. It can also be detected through reconstructing
the status, control information and content of any transaction at the time of
the intrusion as well as all operator interventions that may have altered the
network configuration.

What are some of the risks of which MIS 
managers should be aware? 

A person can wiretap or tamper with circuits 
and switching nodes with modest technical 
training. Even in-house sites, which should be 
the easiest to secure, are often unprotected, 
having exposed telecommunications cable ter- 
minations. Intruders can connect a tap out of 
sight via a small isolation transformer behind a 
termination panel that connects to another line 
at the end of which they can operate in comfort. 

Off the premises, a tap can be placed along any part of a terrestrial link —
microwave tower to tower or land line. If the intrusion is well-hidden, a
company might never discover it unless it traced the entire physical path of the
link. And, even then, such a discovery would only mean detachment of the device,
not apprehension of the thief.

Vacca is a free-lance technical data processing and air and space contract
writer based in Topeka, Kan.

Satellite down links are especially vulnerable to electronic interception. A
physically attached device is not required; a receive-only earth station
anywhere within the footprint of the signal, which may consist of thousands of
square miles, combined with a transmit device, can read, alter and reenter
information without the sender’s or receiver’s knowledge.

Electronic eavesdropping, in turn, may reveal information such as passwords and
account numbers that will open up a new range of fraudulent opportunities for
an intruder.

What can MIS do to discover, thwart and prevent network security problems? Many
hardware and software products on the market can increase network security, but
both experts and users generally agree that technical solutions are not enough.

The reason is simple: The people who use the network system — the ones most
likely to damage or abuse it — will also know about the system’s safeguards.

“The majority of white-collar crime is committed by insiders,” says Frederic
Withington, vice-president of information systems at Arthur D. Little, Inc., a
Cambridge, Mass.-based consulting firm. “No technical gimmick for stopping
[access] will work if the people who know the gimmick commit the crime,” he says.

Even if users are not trying to abuse the network system, many of them will
ignore security procedures, notes Martin Kalin, a senior associate with the
Technology Analysis Group, Inc., a research firm in Washington, D.C. “Many
commercial network systems aren’t used properly, and people are sloppy in their
daily habits or not trained properly,” he says. “So, it becomes a question of
managing the protective network system, not the system itself.”

Therefore, the keys to security are not only effective MIS management but also
effective personnel management. Most experts recommend a variety of technical
and managerial actions, including the following:

• Encryption. In 1977, the U.S. National Bureau of Standards adopted the Data
Encryption Standard (DES). DES defines a fixed-transformation, or scrambling,
algorithm varied by a key.

• Key management. Key creation, assignment, distribution and cancellation are
the most exposed parts of the encryption process. Management can be either
manual or automatic.

A secure combination of manual and limited-automatic key management is to have
different employees independently generate two preliminary keys that are
separately entered into a cryptor that supports this process. The device then
combines them into the final key. No one ever sees the final key; it is stored
in the device and cannot be read out. The preliminary keys would also be
separately delivered to the sites.

• Authentication. Authentication is to a message what a parity bit is to a
character or what a block check character (BCC) is to a data block. If the
parity bit, BCC or authentication field calculated at the sending side and
added to the message cannot be recalculated on the receiving side to match,
then the incoming message is not released or files updated until verification
is correct. Typically, retransmission is requested or other recovery procedures
are undertaken. Unlike a parity bit or BCC, which anyone on the line can
recompute after altering the data, the authentication field must depend on a
secret key shared by sender and receiver if it is to catch deliberate
alteration rather than only line errors.

• Terminal sequence numbers. What is the most direct way to detect message
loss, duplication or fraudulent insertion of a message onto a line? The answer
is to use sequence numbers on a per-terminal (meaning anything from a
teletypewriter to a computer) basis. Each message sent in a terminal-to-host
direction would carry its own increasing number in an input sequence number
field generated automatically by a binary counter.

• Passwords and log codes. A password is what a person uses to get into the
system, and a log code is what a terminal uses to do the same. Each is a
prestored secret symbol set that must be matched before a machine allows a user
further access. Password/log code implementation can range from single-level
to a pyramid-type construction, in which passing one level merely leads to the
next.

Passwords can be used to restrict access to various system function/transaction
classes so that only users owning those passwords can access the functions and
classes.
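
The key-management, authentication and sequence-number items above fit together
on one terminal-to-host link, and the following added example shows them
working as a whole. It is illustrative code written for this page, not a
product described in the article: a cryptor that is keyed by two custodians
who never see the final key, a terminal that stamps each input message with an
increasing sequence number and a keyed authentication field, and a host that
rejects forged, replayed and out-of-sequence input. HMAC-SHA256 from the
Python standard library is assumed in place of a DES-based authentication
field, and the message layout, custodian names and terminal IDs are invented.

```python
"""Added example: split-custody keying, a keyed authentication field and
per-terminal input sequence numbers on one link.  Written for this page;
HMAC-SHA256 stands in for DES, and all names and formats are invented."""
import hashlib
import hmac

AUTH_FIELD_BYTES = 8  # truncated tag carried at the end of every message


class Cryptor:
    """Two custodians each load one preliminary key; the device derives the
    working key by hashing both components and never exposes it."""

    def __init__(self):
        self._components = {}
        self._key = None

    def load_component(self, custodian: str, component: bytes) -> None:
        if self._key is not None:
            raise RuntimeError("working key already derived; re-key the device first")
        self._components[custodian] = component
        if len(self._components) == 2:
            # Order by custodian name so both sites derive the same key whichever
            # custodian enters first; then drop the preliminary keys from memory.
            ordered = b"".join(self._components[c] for c in sorted(self._components))
            self._key = hashlib.sha256(ordered).digest()
            self._components.clear()

    @property
    def ready(self) -> bool:
        return self._key is not None

    def auth_field(self, data: bytes) -> bytes:
        if self._key is None:
            raise RuntimeError("device not keyed")
        return hmac.new(self._key, data, hashlib.sha256).digest()[:AUTH_FIELD_BYTES]

    def verify(self, data: bytes, field: bytes) -> bool:
        return hmac.compare_digest(self.auth_field(data), field)


class Terminal:
    """Sending side: binary input sequence counter plus authentication field."""

    def __init__(self, terminal_id: str, cryptor: Cryptor):
        self.terminal_id = terminal_id
        self.cryptor = cryptor
        self.next_seq = 1

    def send(self, body: str) -> bytes:
        # Wire layout (invented): terminal|sequence|body|authfield-hex
        data = f"{self.terminal_id}|{self.next_seq:08d}|{body}".encode()
        self.next_seq += 1
        return data + b"|" + self.cryptor.auth_field(data).hex().encode()


class Host:
    """Receiving side: nothing is released to the application until the
    authentication field matches and the sequence number is the one expected."""

    def __init__(self, cryptor: Cryptor):
        self.cryptor = cryptor
        self.expected = {}   # terminal_id -> next sequence number expected
        self.accepted = []   # (terminal_id, seq, body) released to the application

    def receive(self, wire: bytes) -> str:
        try:
            data, field_hex = wire.rsplit(b"|", 1)
            terminal_id, seq_text, body = data.decode().split("|", 2)
            seq = int(seq_text)
            field = bytes.fromhex(field_hex.decode())
        except ValueError:
            return "REJECTED: malformed message"
        # Authentication first: a message inserted on the line without the key
        # fails here whatever sequence number it claims.
        if not self.cryptor.verify(data, field):
            return "REJECTED: bad authentication field"
        expected = self.expected.get(terminal_id, 1)
        if seq < expected:
            return f"REJECTED: duplicate or replayed message (seq {seq}, expected {expected})"
        if seq > expected:
            return f"REJECTED: gap, loss suspected (seq {seq}, expected {expected}); request retransmission"
        self.expected[terminal_id] = seq + 1
        self.accepted.append((terminal_id, seq, body))
        return "ACCEPTED"
```

Because the sequence number sits inside the authenticated data, an intruder who
captures a valid message cannot renumber it to slip past the duplicate check;
the only way to produce an acceptable message is to hold the working key that
neither custodian ever saw.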

There are also various defense measures for terminals that companies can use to
safeguard valuable information, such as the following:

• Hardware protocol verification. This technique helps to ensure that the host
is in contact with the right terminal.

• Physical vs. logical check. This security measure allows the host to validate
the terminal’s symbolic name against the port it entered on, and the symbolic
name against the hardware ID obtained by hardware protocol verification.

• Message checks. The host should do message checks such as transaction type,
date and minimum and maximum limits on fields in which specific content is not
defined. An intruder would have to know correct formats to get through.

• The performance of close-the-loop functions at the logical level. This
activity means each action would have an acknowledgement.

• Employee honesty. What is to stop a person with proper password authorization
from downloading a client list to diskette and passing it to a competitor?
There really is no good answer beyond careful password management, but two
other defenses are possible: using diskless workstations and keeping sensitive
files encrypted in the host and, upon proper password, downloading them without
decoding.

• The definition of nonexistent terminals. Are nonexistent terminals
predefined in system tables? If so, the potential risk is that an intruder
terminal could be attached as a predefined identity. The best way to handle
this is to ensure that these terminals are cut off in some other way such as by
password control.

• Knowing the system. MIS managers need to know the network security features
that their teleprocessing monitors, such as CICS, support.
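
The host-side checks in the list above (physical vs. logical check, message
format and limit checks, acknowledgement of every input, and refusing a
terminal that is predefined in the table but not yet assigned) can be written
as one receive-path function. The following is an added example for this page
rather than code from any teleprocessing monitor; the terminal registry, the
semicolon-separated name=value message layout, the transaction codes and their
limits are all invented for illustration.

```python
"""Added example: host-side terminal and message checks with a NAK/ACK reply.
Written for this page; registry, message layout, codes and limits are invented."""
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass(frozen=True)
class TerminalEntry:
    symbolic: str
    hardware_id: Optional[str]   # learned through hardware protocol verification
    port: Optional[int]          # physical port the terminal must arrive on
    active: bool                 # False: predefined in the table but not yet assigned


# Constructed registry.  TLR03 is a "nonexistent terminal": in the table, no hardware.
REGISTRY = {
    "TLR01": TerminalEntry("TLR01", "HW-4A21", 3, True),
    "TLR02": TerminalEntry("TLR02", "HW-4A22", 4, True),
    "TLR03": TerminalEntry("TLR03", None, None, False),
}

# Minimum and maximum for the free-content amount field, per transaction type.
LIMITS = {"DEP": (0.01, 25000.00), "WDR": (0.01, 5000.00), "INQ": (0.00, 0.00)}
DATE_WINDOW_DAYS = 1


def check_terminal(symbolic: Optional[str], hardware_id: str, port: int) -> Optional[str]:
    """Physical vs. logical check: symbolic name against entering port and hardware ID."""
    entry = REGISTRY.get(symbolic or "")
    if entry is None:
        return "unknown terminal"
    if not entry.active:
        return "terminal predefined but not yet assigned"
    if entry.hardware_id != hardware_id:
        return "hardware ID does not match symbolic terminal"
    if entry.port != port:
        return "terminal arrived on wrong port"
    return None


def check_message(fields: dict, today: date) -> Optional[str]:
    """Format checks: transaction type, date window, amount limits, account layout."""
    txn = fields.get("type")
    if txn not in LIMITS:
        return f"unknown transaction type {txn!r}"
    try:
        when = date.fromisoformat(fields.get("date", ""))
    except ValueError:
        return "malformed date"
    if when > today or (today - when).days > DATE_WINDOW_DAYS:
        return "date outside accepted window"
    try:
        amount = float(fields.get("amount", ""))
    except ValueError:
        return "malformed amount"
    low, high = LIMITS[txn]
    if not low <= amount <= high:
        return f"amount {amount:.2f} outside limits for {txn}"
    account = fields.get("account", "")
    if not (account.isdigit() and len(account) == 10):
        return "account must be 10 digits"
    return None


def process(raw: str, hardware_id: str, port: int, today: date) -> str:
    """Close the loop: every input gets an ACK, or a NAK naming the first failed
    check.  Nothing is posted to files on a NAK."""
    fields = dict(item.split("=", 1) for item in raw.strip().split(";") if "=" in item)
    reason = check_terminal(fields.get("term"), hardware_id, port) or check_message(fields, today)
    if reason:
        return f"NAK {fields.get('term', '?')} {reason}"
    return f"ACK {fields['term']} {fields['type']} {fields['account']}"
```

The terminal check runs before the message is parsed for content, so a device
attached under a predefined but unassigned identity is refused without the host
ever acting on what it sent.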

Automated checks are no substitute for operational precautions and awareness.
Telecommunications security grows from a careful mix of computerized and manual
procedures.

To prevent unauthorized access, MIS should assign terminal areas their own
dedicated secure space; keep test keys and signature lists out of the way;
place the supervisor’s office in view of the work area; and so on. It should
consider terminal locks and magnetic card slots for operator identification.

Furthermore, MIS needs to be aware 
of network status. The network is always 
in flux; carriers fail and are restored, ter- 
minals may not respond to poll/selects or 
may be logically disabled and so on. Great- 
er risks accrue during abnormal opera- 
tion, especially if the malfunctions go un- 
detected. Therefore, network 
implementation, including software, 
should build in functions to detect mal- 
functions and alert MIS. 


MIS may also want to separate functions. The principle here is that collusion
becomes more difficult as more people become involved. Therefore, where it is
consistent with smooth work flow, different people should do different parts of
an operation.

An item-by-item reconciliation should 
be conducted, not for the purpose of pre- 
vention but for detection of any lost or al- 
tered data soon after the fact. 

MIS should reconcile cross-checks and summaries. This method divides into
operations and applications. For operations, include periodic communications
between terminals, the exchange of reports of message types and counts received
for comparison. For applications, include daily dollar totals and the number of
messages the system accepts compared with the dollar total and number of
messages it delivers, plus those still in the queue.

MIS must keep information private. 
Knowledge of controls, tests for failures 
and the like should be limited to a mini- 
mum number of personnel. 

Also, MIS should institute audit trails. The purpose of audit trails is to
allow a person to reconstruct in sequence all actions and interventions that
affected system components and states up to a given time. Audit trails also
trace the progress of any transaction throughout its lifetime in the system
including each node, part and terminal through which it passed, noting any
special delivery conditions and auxiliary messages generated.
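
The item-by-item reconciliation, the accepted-versus-delivered-plus-queued
cross-check and the audit-trail reconstruction described above all run over
the same record of events, and the following added example shows them on a
constructed log. It is illustration written for this page, not a tool from the
article: the event names, node names, transaction IDs and amounts are invented,
and the log deliberately contains one amount altered in transit and one message
delivered that the host never accepted, the two cases the cross-check is there
to surface.

```python
"""Added example: reconciliation and audit-trail reconstruction over a
constructed event log.  Written for this page; events, nodes and IDs invented."""

# Constructed audit log in system sequence order:
# (sequence, event, transaction id, node, amount)
LOG = [
    (1, "ACCEPT",   "TX100", "HOST",  120.00),
    (2, "ROUTE",    "TX100", "NODE7", 120.00),
    (3, "ACCEPT",   "TX101", "HOST",   40.50),
    (4, "DELIVER",  "TX100", "TERM3", 120.00),
    (5, "OPERATOR", None,    "NODE9",   0.00),   # console intervention re-enabling NODE9
    (6, "ACCEPT",   "TX102", "HOST",  999.99),
    (7, "QUEUE",    "TX101", "NODE7",  40.50),   # still waiting for its terminal
    (8, "ROUTE",    "TX102", "NODE9", 999.99),
    (9, "DELIVER",  "TX102", "TERM8", 900.00),   # differs from what the host accepted
    (10, "DELIVER", "TX103", "TERM8",  55.00),   # never accepted by the host at all
]


def reconcile(log):
    """Application-level cross-check: accepted count and total must equal
    delivered plus queued; every item that breaks the identity is named."""
    accepted, delivered, queued = {}, {}, set()
    for _seq, event, txn, _node, amount in log:
        if event == "ACCEPT":
            accepted[txn] = amount
        elif event == "DELIVER":
            delivered[txn] = amount
        elif event == "QUEUE":
            queued.add(txn)
    queued -= set(delivered)   # a queued item later delivered is no longer outstanding

    summary = {
        "accepted": (len(accepted), round(sum(accepted.values()), 2)),
        "delivered": (len(delivered), round(sum(delivered.values()), 2)),
        "queued": (len(queued), round(sum(accepted.get(t, 0.0) for t in queued), 2)),
    }
    exceptions = []
    for txn, amount in accepted.items():            # item-by-item, soon after the fact
        if txn in delivered:
            if abs(delivered[txn] - amount) >= 0.005:
                exceptions.append((txn, "amount altered in transit", amount, delivered[txn]))
        elif txn not in queued:
            exceptions.append((txn, "lost: neither delivered nor queued", amount, None))
    for txn, amount in delivered.items():
        if txn not in accepted:
            exceptions.append((txn, "delivered but never accepted", None, amount))
    counts_balance = summary["accepted"][0] == summary["delivered"][0] + summary["queued"][0]
    totals_balance = abs(summary["accepted"][1] - summary["delivered"][1] - summary["queued"][1]) < 0.005
    return summary, sorted(exceptions, key=lambda e: e[0]), counts_balance and totals_balance


def transaction_trail(log, txn):
    """Every node and terminal one transaction passed through, in sequence."""
    return [(seq, event, node, amount) for seq, event, t, node, amount in log if t == txn]


def state_before(log, upto_seq):
    """All actions and operator interventions up to a given sequence number:
    the slice an investigator replays to reconstruct the system state then."""
    return [entry for entry in log if entry[0] <= upto_seq]
```

The summary alone would show three accepted against three delivered and one
queued, which already fails the count identity; the item-by-item pass is what
says which transaction was altered and which one was inserted.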

Much of the concern for network secu- 
rity is placed on protecting access to the 
mainframe and its data base, but with in- 
creasing demands to use that data on PCs, 
local-area network (LAN) security is also 
a pertinent issue. Ron Kopek, president of 
Edge-Tech Associates, a San Francisco- 
based consulting firm specializing in PC- 
to-mainframe communications, points out 
that once data is transferred from the 
host, all central control is lost. 

In this environment, the PC is an at- 
tractive target for data theft, sabotage 
and extortion. The integration of PCs and 
teleprocessing networks has increased 
the scope of the problem. 

Continued on page 44 







COMPUTERWORLD 





A smarter 
smart card 


Networks pose special security problems. Security decreases as the number of
system users increases, and networks, by definition, exist to give access to a
lot of people.

The first challenge in maintaining se- 
curity is to keep out anyone who doesn’t 
belong on the network. Various methods 
exist that perform this function, most of 
them involving some combination of 
passwords and, increasingly, pass cards, 
magnetic strip cards or newer smart 
cards with password information encoded 
ona chip. 

All such methods have one drawback: 
Anyone who gets his hands on the card 
and learns the password can get into the 
network. 


Smart card + password control 
One variation on the smart card shows 
promise, however. The Challenger card, 
developed by Sytek, Inc., in Mountain 
View, Calif., in conjunction with the Brit- 
ish firm Open Computer Security, was 
designed specifically as an internal securi- 
ty tool for operators of private net- 
works, combining the smart card method 
with a type of password control. This 
control consists of two components: a 
central unit that attaches to the main 
computer processor and a unit that looks 
like a pocket calculator with a keyboard 
and display. 

When a user logs on with a password, 
the system issues him a random number. 
The user then punches another pass- 
word into the calculator unit, which asks 
for the random number. The unit en- 
codes that number and displays a scram- 
bled version. The user then punches this 
version into the network, where it is de- 
coded. 

An unauthorized user, therefore, has 
to know the calculator’s password, the 
system’s password and must get by the 
calculator unit to get into the system. 
Without all three, he is, in effect, con- 
fronted by a new password — the random 
number issued by the system — each 
time he tries to gain access. To prevent 
determined hackers from automatically 
dialing an endless string of random num- 
bers, the calculator freezes after a user 
punches in three wrong numbers. 

Protecting networks against unau- 
thorized users, as is the case with single 
computer systems, does not protect 
against authorized users bent on mischief, 
however. In addition, the management 
techniques that may solve a single instal- 
lation’s problems are less effective when 
applied to a network because of the num- 
ber of users, many of whom may be a 
continent away. 

The solution seems to lie in a combi- 
nation of encryption, passwords and strict 
levels of access. Corporate users, espe- 
cially those in the defense industry, are 
taking increasing interest in govern- 
ment network security ratings. As more 
corporations demand computers and 
networks that meet government stan- 
dards, vendors will be forced to build se- 
curity into their products, and systems 
and network managers will have to de- 
vise policies that make those security 
measures work. — JoHN VACCA 
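The Challenger login described above, as an added example that is not Sytek’s code: the article does not say how the hand-held unit encodes the random number, so a truncated HMAC-SHA256 keyed with a per-unit secret stands in for it, and the three-strikes freeze is modelled as three wrong unit PINs (both assumptions). The central unit also consumes each random number after one use, so a reply copied off the line cannot be presented a second time.

```python
"""Added example: two-factor challenge-response login modelled on the
Challenger card scheme (login password + pocket-calculator unit).
Not Sytek's code; the encoding function and the freeze rule are assumptions."""
import hashlib
import hmac
import secrets
from typing import Optional


class UnitFrozen(Exception):
    """The hand-held unit has frozen after three wrong PIN entries."""


def scramble(unit_secret: bytes, challenge: str) -> str:
    """Stand-in for the unit's encoding of the server's random number (assumption).
    Keyed with the unit secret, so the same challenge gives a different answer on
    every unit; truncated to 8 hex digits, roughly what a person reads off a small
    display and types back in."""
    return hmac.new(unit_secret, challenge.encode(), hashlib.sha256).hexdigest()[:8]


class CalculatorUnit:
    """The pocket-calculator unit: wants the unit PIN before it encodes a challenge,
    and freezes after MAX_WRONG consecutive wrong PINs."""

    MAX_WRONG = 3

    def __init__(self, pin: str, unit_secret: bytes) -> None:
        self._pin = pin
        self._secret = unit_secret
        self._wrong = 0
        self.frozen = False

    def respond(self, pin: str, challenge: str) -> str:
        if self.frozen:
            raise UnitFrozen("unit is frozen; needs an administrative reset")
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            self._wrong += 1
            if self._wrong >= self.MAX_WRONG:
                self.frozen = True
            raise ValueError("wrong unit PIN")
        self._wrong = 0
        return scramble(self._secret, challenge)


class CentralUnit:
    """The unit attached to the host: checks the login password, issues a fresh
    random number, and verifies the scrambled reply exactly once."""

    def __init__(self) -> None:
        self._users: dict = {}     # name -> (login password, unit secret)
        self._pending: dict = {}   # name -> outstanding random number

    def enroll(self, name: str, password: str, unit_secret: bytes) -> None:
        self._users[name] = (password, unit_secret)

    def begin_login(self, name: str, password: str) -> Optional[str]:
        """First factor: returns the random number to key into the unit,
        or None when the login password is wrong."""
        record = self._users.get(name)
        if record is None or not hmac.compare_digest(record[0].encode(), password.encode()):
            return None
        challenge = secrets.token_hex(4)          # 8 hex digits, new on every attempt
        self._pending[name] = challenge
        return challenge

    def finish_login(self, name: str, response: str) -> bool:
        """Second factor: the outstanding number is consumed whether or not the
        reply matches, so a copied reply is useless a second time."""
        challenge = self._pending.pop(name, None)
        if challenge is None:
            return False
        expected = scramble(self._users[name][1], challenge)
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    """Walk one user through the protocol and return each outcome."""
    host = CentralUnit()
    unit_secret = secrets.token_bytes(16)        # provisioned into both units (constructed)
    host.enroll("alice", "login-pw", unit_secret)
    unit = CalculatorUnit(pin="4711", unit_secret=unit_secret)

    results = {"wrong_password": host.begin_login("alice", "guess") is None}
    challenge = host.begin_login("alice", "login-pw")
    reply = unit.respond("4711", challenge)
    results["first_login"] = host.finish_login("alice", reply)
    results["replayed_reply"] = host.finish_login("alice", reply)   # number already used

    for _ in range(CalculatorUnit.MAX_WRONG):                        # three wrong PINs
        try:
            unit.respond("0000", host.begin_login("alice", "login-pw"))
        except ValueError:
            pass
    results["unit_frozen"] = unit.frozen
    return results


if __name__ == "__main__":
    print(demo())
```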
However, Kopek says he believes that users generally have to solve network security problems on their own. He recommends a needs assessment, including a review of mainframe software and expected PC-based applications, before the installation of a PC-to-mainframe link.

In one research corporation, encryption packages have been made available for all PCs. “We make sure users understand that data in a PC is much more public than data in a host computer, but it’s up to the individual users to employ the package,” says the firm’s MIS department head, who asked not to be named.

Although hackers don’t present the greatest danger to network security, users are still concerned with that threat. For this type of security breach, analysts recommend various technical solutions.

Any communications link involving PCs — even between the PCs themselves — essentially broadcasts the data being processed or transmitted because outside sources can easily monitor the electromagnetic emissions. Shielded cables and equipment and data encryption are the only ways to prevent this breach.

Protection is a little trickier for unshielded satellite transmissions. On the residential market side, effective scrambling of a satellite television signal is imperative if the cable industry is to survive or succeed with direct broadcast satellite service, also known as DBS. On the business end, the proliferation of videoteleconferencing and business television broadcasts necessitates enhanced encryption techniques to protect sensitive corporate information.

It is vital that satellite suppliers concentrate on the issue of network security. Generally, the only deterrent is well-planned prevention.

What, then, will the future hold for satellite transmission security? Some of the technologies either being refined or soon to be introduced include the following:

• Digital processing techniques for scrambling each video line and/or eliminating all synchronizing information within the horizontal and vertical blanking intervals of the signals.

• Combined technologies utilizing encrypted uplinking for pay-per-view movies and digital audio transmission to facilitate distribution of stereo TV.

• Use of spread spectrum and time-division multiple access for sensitive information, because the likelihood of intercepting the entire message, as opposed to bits or chips of one, is remote.

• Use of spot beam or antenna beam shaping whereby down-link signals are molded either mechanically or electronically in a concentrated pattern, minimizing interference, increasing strength and reducing the chance for eavesdropping.

The concept of network security is based on an accumulation of small deterrents that, together, dissuade or intercept the most dangerous threat of all: collusion among knowledgeable insiders. But no completely secure system is possible because safeguards must also be balanced against the need to maintain work flow.

With this in mind, what is the future of network security?

The future of network security will no doubt center on LAN gateways, internetworking and satellite transmission. Consider a future case in which one side of a computer will be interfaced to another LAN, a privately owned wide-area network or even a public switched network. This type of environment, in which multiple networks are tied together by common nodes, is referred to as an internetwork, and gateways are the common nodes that effect the interconnection.

One example of such a future configuration is a company with multiple sites, each with its own LAN, all tied together via dial-up telecommunications circuits. LAN security issues are currently compounded by the addition of dial-up lines and more authorized users who could be spread worldwide.

The network security threat in internetwork environments will continue to require increased security operations. The relaxation of local control will mean that many more parts of the network will not be trusted. When lower layer protocols cannot be trusted, then a company must place security features at the higher layers of the protocol hierarchy.

Security for satellite transmission and networks is merely another sign of the continuing integration of computer and communications technologies in contemporary information systems. It is one more step in the removal of the lines between computers and communications, and between LANs and wide-area networks.

It is important for MIS to realize that it can understand network security threats and defenses only by looking at the total information system picture.
GOVERNMENTAL CONTROLS

Justice and data for all

Information managers will not take data base censorship lying down. That is the message the Information Industry Association and other organizations have made clear to the U.S. government by successfully challenging a policy directive from former National Security Agency director John Poindexter. In November 1986, Poindexter issued a policy giving the government power to suppress information it deemed “sensitive but unclassified.” This policy was based solidly on the two-year-old National Security Decision Directive (NSDD) 145 that outlined similar powers for administrative agencies. However, information industry leaders identified the policy as a threat to privacy and freedom of speech, particularly for public data bases. Shocked and indignant, they quickly brought the policy to the light of public scrutiny that led to the policy’s rescission earlier this year (see story on government regulations, page 47).

Days after Poindexter issued the directive, more than 100 members of the Information Industry Association (IIA) sat amazed as Diane Fountaine, who heads the Pentagon’s information systems directorate, outlined the administration’s plans.

“I was greatly distressed,” recalls Kenneth Allen, the IIA’s vice-president for government relations. “I thought Fountaine was going to say that the Pentagon wasn’t concerned about public data bases. Instead, I heard just the opposite.”

The issue was not whether the administration would protect information, Fountaine said, but what information within government and industry it would protect. Beyond this statement, though, she offered little detail. “Fountaine didn’t give specific examples and wouldn’t even tell us what the administration planned to do,” Allen says. “I was very dissatisfied.”

For Jack Simpson, who also attended that meeting, the implications became disturbingly clear. Simpson, president of Mead Data Central, a Dayton, Ohio-based supplier of such data base services as Nexis and Lexis, soon received visits from several government agencies including the U.S. Air Force, Central Intelligence Agency and Federal Bureau of Investigation, to evaluate Mead’s data base service operations and suggest control methods. “The Air Force was the most confident,” he observes. “They asked, ‘Can you do this? Can you monitor that?’ ”

Public outcry foiled a federal policy that limited privacy

Later, the Air Force published a report on Mead, Simpson recalls. “I asked if I could see it because it was about my company,” he says. “They said I couldn’t because it was classified, but they would send me an unclassified version in 90 days. It’s been more than 90 days, but I still haven’t seen it.”

The situation has been sticky, Simpson notes. Some of Mead’s best customers are from the government, including the White House, U.S. Senate and Internal Revenue Service, he says. “When something is running amok, though, someone has to say, ‘This isn’t right.’ ” Following his beliefs, Simpson agreed to speak to Congress on behalf of the IIA and Mead.

On Feb. 26, Simpson testified before the House Committee on Government Operations on NSDD 145 and the “sensitive but unclassified” policy and also spoke in behalf of a House of Representatives bill known as H.R. 145, or the Computer Security Act.

H.R. 145, he argued, would provide a clear distinction between federal and private computer systems and between control of the computer systems and control of the information itself.

Simpson was not the only one who expressed concern about NSDD 145. Several organizations, including the IIA, Institute of Electrical and Electronics Engineers, Inc., American Library Association and the Association of Research Libraries testified as well.


The administration, feeling heat from Poindexter’s “sensitive but unclassified” policy, also began to communicate with Congress.

On March 17, this contact culminated in Secretary of Commerce Malcolm Baldrige’s testimony before the Committee on Government Operations on behalf of H.R. 145. That same day, Baldrige announced the rescission of Poindexter’s directive. Calling the directive “controversial,” he stated, “the procedures by which it was issued raised legitimate questions about the role of the National Security Adviser.”

Repealing the policy was a step in the right direction, but many industry leaders and legal experts agree the problem has not been entirely resolved. The Poindexter policy crossed over the lines of constitutionality, explains John Yates, partner in the Atlanta law firm of Vaughan, Roach, Davis, Birch & Murphy. However, he says, “The fact that the administration rescinded the directive doesn’t mean it won’t try to issue one again.”

The problem, Mead’s Simpson claims, is that the current implementation has been stopped, but the directive that allowed it, NSDD 145, is still in place. Even though NSDD 145 does not actually provide the government with the legal authority to institute information sanctions, IIA’s Allen warns, the perception that it has this authority can be equally threatening. “The government is like a 6,000-lb gorilla,” he says. “When it moves, you don’t ask if it has the right to do so; you move out of the way.”

The directive, NSDD 145, primarily defines organizations and policies for maintaining standards for cryptology, telecommunications and automated information systems security. However, it also seeks to identify categories of sensitive nongovernment information and recommend steps to protect it.

“In cases where implementation of security measures to nongovernment systems would be in the national security interest,” the directive says, “the private sector shall be encouraged, advised and, where appropriate, assisted in undertaking the application of such measures.”

Further, while NSDD 145 was designed to regulate and monitor private information, the systems security group responsible for implementing the directive has no civilian representatives.

Instead, the group consists of the secretary of state, secretary of the treasury, secretary of defense, attorney general, director of the Office of Management and Budget, the director of central intelligence and the assistant to the president for National Security Affairs, who chairs the group.


Consolidating security

The directive was initially intended to consolidate security under one head so that it would be cohesive, according to Ed Zeitler, vice-president and manager of information systems security at Security Pacific National Bank in Glendale, Calif. “That was a very good thought,” he says. However, Zeitler explains, the standards that are fine for the government are not entirely appropriate for the public sector.

The policy is too broad, Mead’s Simpson concurs. NSDD 145 was designed to cover three levels of security. However, it should only concentrate on the two that describe government agencies, he argues.

The first level is classified information in such agencies as the defense department, the CIA and embassies, Simpson says.

The second level covers civilian federal agencies including the IRS. These organizations do not have heavily classified information, but some of it is sensitive, he notes. “You don’t want just anyone getting into tax returns.”

Continued on page 48
DES gets an encore

March signaled a shift in governmental power over private security. A victory for the U.S. private sector unfolded as the National Security Agency (NSA) overturned its previous statement of direction and agreed to support the Data Encryption Standard (DES) — at least for a few years.

A year and a half earlier, the NSA had announced that it would not renew its endorsement of DES. Instead, the agency planned to replace DES with an encryption standard developed under its Commercial Comsec Endorsement Program (CCEP). The NSA’s decision was not directly tied to the National Security Decision Directive (NSDD) 145, says Kenneth Allen, vice-president for the Information Industry Association (IIA). However, it signaled another attempt from the government to regulate sensitive but unclassified information.

The NSA’s standards announcement quickly raised questions, concerns and outcries from the financial industry.

“The NSA was attempting to withdraw DES without regard for the economic impact it would have on U.S. business,” IIA’s Allen comments. Replacing DES-based security equipment without a transition period would be expensive, concurs Ed Zeitler, vice-president of information systems security at Glendale, Calif.-based Security Pacific National Bank. Zeitler also serves as a liaison between the NSA and the American Bankers Association (ABA), a Washington, D.C., organization that represents 95% of U.S. commercial banks.

The ABA has found other expenses related to the NSA’s policy, Zeitler says. While some of the CCEP algorithms are applicable to part of banking’s processing, they are too expensive to justify using in other areas. In addition, the NSA wants to generate and manage the keys that decrypt these CCEP security systems. “If we had to go to the NSA, the cost overhead would be too high, and it would limit our use of equipment,” he says.

The keys to the kingdom

However, the greater issue of key management is the NSA’s ability to assign access to private businesses, industry watchers agree. First, if the NSA generates the keys for private businesses, it will potentially have access to those companies’ data bases. Second, businesses are ultimately responsible for their own transactions and data bases. Therefore, they should have control over securing them, Zeitler asserts.

Another problem is that many firms need to perform transactions with foreign businesses. DES is available to many foreign countries, but the CCEP algorithm would not be. Even if it were, Zeitler notes, “I’m not sure how well a government-owned algorithm would be accepted by foreign businesses.”

Finally, the agency has shifted its development focus, according to Kurt Barker, an analyst with Trusted Information Systems, Inc. of Glenwood, Md. Originally, the NSA had concentrated on Type 2 algorithm modules designed for sensitive but unclassified information. These modules would affect private industry, Barker says. The NSA has since shifted its emphasis to algorithm modules for classified data, which would primarily be used by the government, he comments.

Without a fully developed set of algorithms from the NSA, DES is the only encryption standard that businesses have, Zeitler says. “The fact that DES is a nationally recognized standard has made a big difference in industry,” he asserts. “Without DES, we would be at the mercy of the vendors.”

The NSA, realizing that it cannot address certain technical and management issues, has agreed to endorse DES for another five-year period while it continues to work on its CCEP algorithms.

For its part, the ABA has announced that it will work with the NSA to develop standard algorithms that will meet the needs of private business as well as government. Already, the banking association has sent the NSA a list of suggestions for a workable encryption standard, including the following:

• The encryption code has to be available for international transactions.

• CCEP needs to be verified by an independent resource.

• Government certification should remain under the domain of the National Bureau of Standards while the NSA develops the code.

• The encryption standard has to work with multiple vendors’ equipment and provide multiple translations.

• The encryption standard has to be compatible with existing communications security technology, notably American National Standards Institute standards.

• Private business should be responsible for key generation and management because it is held accountable.

Many of the ABA’s concerns are political ones that will pose a sticky problem for a number of years, Barker asserts.

“It will be tough to find a replacement for the DES algorithm,” Zeitler concurs. However, he says, “[the NSA] has been very responsive and is attempting to come up with solutions that meet our needs.” — Rebecca Hurst





Justice and data for all (continued from page 46)


The third level is public, nonclassified data. “This is information you can find in The New York Times, The Wall Street Journal or Nexis,” Simpson explains. “When the government is looking at Levels 1 or 2, it’s obvious for NSDD 145 to talk about protecting information,” he asserts. “When NSDD 145 tries to apply that control to the third layer, that’s a problem.” Trying to control public information not only violates the rights of free speech and privacy, Simpson argues, it also exceeds the work load the government is capable of handling.

Instead of putting energy into the private sector, he says, the government should concentrate on its own internal security. “The core of the government’s security system is in disarray. Look at what’s happening at our embassies,” Simpson notes.

A solution in H.R. 145

Many observers agree the solution is to distinguish between control of government agencies and the public sector by redefining or eliminating NSDD 145 and by passing H.R. 145 into law. As a law, H.R. 145 would take precedence over NSDD 145 and place computer security in the hands of civilian agencies, IIA’s Allen notes.







Already, the administration has begun reviewing NSDD 145 “to resolve any ambiguities in that document with respect to the role the National Security Adviser will play in the future,” Baldrige stated in his March address. He also announced the administration’s support for the Computer Security Act, H.R. 145. “Good legislation in this area,” he said, “will foster the progress we want to achieve in enhancing the security of federal government systems.”

“H.R. 145 has a much narrower scope than NSDD 145,” Simpson comments. “It doesn’t talk about information classifications.” Instead the Computer Security Act takes a two-pronged approach to securing computer systems.

First, the bill reaffirms that the National Bureau of Standards (NBS) is the governmental agency responsible for developing standards and guidelines for computer systems, including those for security.

H.R. 145 also states that NBS will develop guidelines for training federal employees about “security awareness and accepted security practice.” In addition to these duties, NBS is authorized to assist the private sector in using and applying the results of these programs and activities.

Second, H.R. 145 seeks to establish a Computer System Security and Privacy Advisory Board within the Department of Commerce that would represent both the government and private industry. The proposed group would consist of eight nongovernment representatives who are eminent in the computer or telecommunications industry and four members of the federal government who have systems management experience. In addition, there would be a chairman appointed by the Secretary of Commerce.

This board would serve three primary functions:

• To identify emerging managerial, technical, administrative and physical safeguard issues relative to computer systems security and privacy.

• To advise the NBS and the Secretary of Commerce on security privacy issues pertaining to federal systems.

• To report its findings to the Secretary of Commerce, the director of the Office of Management and Budget, the director of the National Security Agency (NSA) and the appropriate committees of Congress.

However, H.R. 145 is not in its final form. Changes to the bill can be expected because the administration only supports it with some modifications, which Baldrige outlined before Congress in his March speech.

To clear the air over the “sensitive but unclassified” directive, the administration is calling for “clear language to the effect that nothing in this bill authorizes the government to withhold information that is otherwise available to the public,” he said.


A presidential review

At the same time, the administration called for provisions for presidential review of standards and cooperation between the NBS and the NSA. These provisions were designed to assure that NBS standards are consistent with national security use technical guidelines from the NSA.

Finally, the administration wants to drop the portion of the bill that creates the Computer Security and Privacy Advisory Board. Instead, it prefers to “make training in computer security a direct responsibility of agencies,” Baldrige stated.

Simpson also would like to see changes to the Computer Security Act. “It’s a good start,” he claims, “but H.R. 145 needs two more pieces before it effectively counteracts the national security directive.” First, the bill needs to explicitly describe what controls, if any, the government can implement. Second, he says, H.R. 145 must define whether Level 2, nonclassified federal information, needs to be regulated as well as computer systems. If these changes are made, “then the government wouldn’t need NSDD 145,” Simpson asserts.
It’s in the bank... or is it?

BY ROBERT DRATCH

Jesse James and his band of bank-robbing hoodlums are part of folklore. Today, however, the infamous practice of robbing banks has taken on more meaning than just holding up a teller for a sackful of coins. Rather, tapping into the sophisticated electronic exchange systems that are an integral part of modern banking is tantamount to a holdup of far-reaching consequences.


Banks have a long history of being very concerned and cautious about protecting customers’ proprietary information — such as balances, valuations of financial worth and value-bearing transactions, including money transfers and other customer financial activities. Banks have always provided extensive controls to protect information and transactions in paper form.

Examples of these controls include signature verification/authorization; telephone call-back to customers to check the authenticity of the sender and the integrity of the contents of funds transfers sent by wire or mail; and cameras and alarm systems to protect bank branches and automated teller machines.

Dratch is vice-president and manager of management control and data security for global electronic banking at Chase Manhattan Bank NA in New York.


Today, as the handling of information in electronic form becomes more and more a part of banking, the banking industry is pioneering new ways to use computer-based technology to secure financial transactions.

Three major areas of data security in the banking sector have emerged over the years: access to systems, message integrity and privacy. For about 10 years, access was a primary focus in addressing security issues. Security measures first started with time-sharing vendors, in which customers were identified at the access level with particular user identification and passwords.

The major areas of concern in sending a transaction have traditionally been the customer’s office, the network and the bank. Within access there should be implied rights in the transaction process based on whether you are a customer, a bank employee or someone else.

The best technologies currently available for securing financial transactions are those based on cryptographic techniques. Cryptographic hardware and software have been commercially available for more than 10 years in the U.S., and application of these techniques in the nonbank private sector has been scant.

As technology grew more sophisticated, message integrity became a key focus of data security. To preserve the integrity of a message, the authentication process establishes the message’s validity or verifies a user’s authorization for access to data. Authentication uses cryptography to verify the authenticity of the sender and to ensure that no alteration has taken place in the contents of the information sent by an authorized sender.

The banking industry, as well as many segments of the corporate marketplace (for example, manufacturing and broker/dealers), is establishing requirements to use authentication and encryption — a scrambling technique for disguising a message at its source and unscrambling the communication at its destination — to protect the movement of valuable information between enterprises.

This movement is facilitated by the existence of standards developed under the aegis of the American National Standards Institute (ANSI) with assistance from trade associations such as the American Bankers Association.


Standards provide direction

Standards on authentication and encryption have provided technical direction to vendors in developing hardware and software components to support these methods of securing data. In turn, key management has become important to the security of the whole process.

At first, test keys were used for authorization. Now, the authentication standard for financial messages established by ANSI relies on the Data Encryption Standard (DES) algorithm to produce a message authentication code (MAC). The authentication process uses a secret key, or value.

This key as well as the data in the message being sent are fed into the authentication algorithm. The end result is a MAC that is highly unique for that key and that particular message. If the key is wrong or the message has changed, the MAC will be invalid. This process can be done in software or hardware and is routinely employed by Chase Manhattan Bank NA in all its personal computer-based transaction initiation products delivered to corporate and institutional customers.


Data security cannot be effective without physical security.


To ensure that information cannot be modified, message authentication applies a unique MAC at the end of the transaction based on the value of the information in the transaction. Authentication can be used for stored data as well as data moving across the network.

Once the data is sent by the customer to the bank, authentication serves to secure the data both during transmission and while it is stored. Most money center banks — banks that handle global financial exchanges — are extending their use of authentication, both internally as well as externally, with customer interfaces.

Use of authentication has become so prevalent that even the Department of the Treasury, for example, has issued a directive requiring ANSI message authentication for its own internal systems, and the Society for Worldwide Interbank Financial Telecommunications employs both authentication and encryption as standard features of its system.


Privacy issue

In banking, another area of concern in the evolution of data security is the privacy issue.

To ensure the privacy of a message, many banks use data encryption. Encryption disguises the contents of the information, allowing only the authorized user to translate scrambled information into readable form. Encryption systems that work at the word level are called code systems, while the systems that work at the number or letter level are called cipher systems.

Encryption can also be used for transmitting information, such as in the case of a money transfer. Using this encryption method, customers can prevent the viewing of data during transmission as well as when the information is stored in their own systems.

Sensitive information such as customer passwords and personal identification numbers is routinely encrypted on files and in computer networks. Critical communications links between intrabank computers and Federal Reserve Bank computers are also protected with encryption.


Cipher process 

Encryption uses a cipher process similar to authentication in which a secret key, such as a code or password, makes the result unique for the user. Both encryption and authentication follow specific mathematical formulas. The algorithm is the same for both and generates two types of results — encrypted data and a MAC for data.

Chase Manhattan Bank is currently building the capability to both authenticate and encrypt for a single money transfer between bank and customer, utilizing all three types of controls — access, integrity and privacy.

In addition, different types of controls, when combined with authentication, allow a user to eliminate duplicates in a network environment. Authentication alone will not allow banks to detect duplicate transactions resulting from an active wiretap.

However, additional measures such as date-stamping the transaction or giving it a sequence number at the customer’s location will allow officials to check for duplicates on the bank’s side.

By including sequence numbers and dates in the authentication process, the bank can tell if a transaction has been duplicated or not. If someone were tampering with a transaction, the MAC validation would fail. Combining these integrity controls provides a more secure transaction.
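The sequence-number and date checks described above, as an added example that is not from the article or from Chase Manhattan Bank: a bank-side verifier that validates a MAC over the transfer fields and then rejects replays and stale copies. HMAC-SHA256 stands in for the DES-based ANSI MAC the article refers to; the key, field names and transactions are constructed for the demonstration.

```python
import hashlib
import hmac
from datetime import date

# Constructed demo key shared by one customer and the bank. The page's
# systems used DES-based ANSI MACs; HMAC-SHA256 stands in for that here.
CUSTOMER_KEY = b"constructed-demo-key"

# Fields covered by the MAC, in a fixed order. Sequence number and date
# are included so that a replayed or stale copy is detectable on the
# bank's side while a MAC that does not match reveals tampering.
MAC_FIELDS = ("customer", "seq", "date", "beneficiary", "amount")


def canonical(tx: dict) -> bytes:
    """Serialize the MAC-covered fields deterministically."""
    return "|".join(f"{name}={tx[name]}" for name in MAC_FIELDS).encode()


def compute_mac(tx: dict, key: bytes) -> str:
    return hmac.new(key, canonical(tx), hashlib.sha256).hexdigest()


def sign_transaction(tx: dict, key: bytes) -> dict:
    """Customer side: attach the MAC to an outgoing transfer."""
    signed = dict(tx)
    signed["mac"] = compute_mac(tx, key)
    return signed


class BankVerifier:
    """Bank side: validate the MAC, then check date and sequence number."""

    def __init__(self, key: bytes):
        self.key = key
        self.accepted = set()  # (customer, seq) pairs already processed

    def verify(self, tx: dict, today: date) -> str:
        expected = compute_mac(tx, self.key)
        # Constant-time compare; a wrong key or any altered field fails here.
        if not hmac.compare_digest(expected, tx.get("mac", "")):
            return "rejected: MAC invalid"
        if tx["date"] != today.isoformat():
            return "rejected: date mismatch"
        ident = (tx["customer"], tx["seq"])
        if ident in self.accepted:
            return "rejected: duplicate sequence number"
        self.accepted.add(ident)
        return "accepted"


def run_demo() -> dict:
    """Exercise the checks with constructed transactions; returns outcomes."""
    today = date(1987, 6, 3)
    bank = BankVerifier(CUSTOMER_KEY)
    tx = sign_transaction({
        "customer": "ACME",
        "seq": 1042,
        "date": today.isoformat(),
        "beneficiary": "Supplier Ltd",
        "amount": "25000.00",
    }, CUSTOMER_KEY)
    results = {"original": bank.verify(tx, today)}
    # Same message delivered a second time: MAC is valid, seq already seen.
    results["replay"] = bank.verify(tx, today)
    # Amount altered in transit: MAC no longer matches.
    altered = dict(tx, amount="250000.00")
    results["tampered"] = bank.verify(altered, today)
    # Re-MACed without the shared key: MAC does not match either.
    forged = sign_transaction(dict(tx, seq=1043), b"guessed-key")
    results["wrong_key"] = bank.verify(forged, today)
    # Yesterday's correctly MACed message resubmitted the next day.
    stale = sign_transaction(dict(tx, seq=1044), CUSTOMER_KEY)
    results["stale"] = bank.verify(stale, date(1987, 6, 4))
    return results
```

The verifier must keep its set of accepted (customer, sequence) pairs across restarts, or a replay after a restart would be accepted.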


Vulnerable environments 

Of the three environments — in the customer’s office, in the network transmission or at the bank — in which a security breach may occur, the network poses the least threat of being penetrated. The customer’s office and the bank environment hold the greatest potential for being the areas in which to violate a transaction because the greatest expertise in technology and operations exists at those two points.

Separation of duties, for example, dividing the responsibilities for initiating a money transfer transaction among several individuals, is important in preventing breaches of security.

Physical security, of course, is another valuable method to protect data integrity. It is not advisable, for example, to write passwords down or keep a diskette with a secret cipher key on it unlocked and available.

Data security cannot be effective without physical security.

In the past three years, technology has moved rapidly, supporting multiple modes and levels of security. One of the biggest accomplishments has been to make customers aware of the need for security.

By implementing more sophisticated security techniques, banks will continue to be leaders in the deployment of computer-based technology to effect financial transaction and information flows. This technology will also be used to provide state-of-the-art security to protect crucial customer and bank data, both inside and outside the bank environment.
Barricade your company from hackers, terrorists

By Michael Tucker

When we think about protecting a high-tech resource like a computer, most of us have a habit of thinking that the threats we face are themselves high-tech. But, in fact, a single terrorist with a few pounds of plastique can do more damage in the twinkling of an eye than an army of hackers can do in a decade.

Last November, terrorists reportedly planted a bomb in IBM’s European Networking Center in Heidelberg, West Germany. No one was hurt, but the blast damaged the center’s mainframe and caused more than a million and a half dollars’ worth of damage to the facility.

Examples like that one are the reason why this month’s Tech Talk is about something old — the design of secure installations. What is new about the subject is an emerging awareness on the part of the industry that data must be protected physically as well as electronically.

That level of physical protection can be very sophisticated indeed. Sygnetron Production Systems, Inc. in Timonium, Md., is a security consultancy and security system integrator. It has not been traditionally involved with data processing.

“Our work is largely for the Department of Energy, the nuclear industry and large commercial installations that have connections with one or both of the first two,” explains Neil Owens, director of marketing for the company.

In short, Sygnetron does most of its work in places where a breach of security could have horrific consequences. The firm defends against such things as the theft of fissionable material by terrorist groups. But suppose data was considered no less valuable (or dangerous) than plutonium, which, in a sense, it is. How would Sygnetron protect a data center?

“First,” Owens says, “we’d determine the kind of assets you have. In the case of information, you have a severe security problem because it’s so compact. You can steal a lot of it in a small package.”

He notes, for instance, that the new generation of write-once, read-many disks, with their vast storage capacities, makes it easy for a thief to walk out of a DP installation with a company’s entire data base tucked in a coat pocket.


The outside perimeter

After determining a company’s assets, Owens explains, “We’d take a look at your outside perimeter.” The fence around a building can determine the structure’s life or death.

“If you have a terrorist threat, for instance, we’d suggest that you have a physical barrier to keep anybody with a bomb away from the building entirely. You’d want a specialized security fence to keep a BMW loaded with TNT from ramming the wall of the data center,” he says.

Only after that precaution would Sygnetron begin to consider electronic countermeasures.

At the heart of a company’s system would be a host security computer, extensively interconnected with building and perimeter sensors. This machine would provide a constant overview of the area’s status, maintain an extensive log of security-related events and even offer decision support functions for human guards.

“Uniformly,” Owens says, “our systems are based on a host computer. Basically, you have a choice. You either go with human guards or you go with electronics. In general, guards are more expensive, and they are subject to human error. Electronics systems aren’t. You’re not going to compromise them with candy.”

Owens suggests a dual system — various intrusion-detection sensors such as alarms, motion detectors, ultrasonic sensors and the like backed up by closed circuit television. TV cameras would be installed both at the perimeter and within the building itself.

“Closed circuit TV is superb for threat assessment,” Owens maintains. “It works hand in

Continued on page 53 
Securing PC hard disks

MIS officers have discovered from sad experience that it is easy to secure a mainframe in a data center but almost impossible to do the same for a personal computer.

PCs are designed with the primary goal of easy access for non-technical users. To reverse that design is literally to go against the whole concept of PCs.

However, as PCs are used in more and more situations, they increasingly hold sensitive data. A PC’s hard disk may now contain information vital to the survival of a company.


Modem risks 

Given the distributed nature of most modern businesses, PCs must support dial-up access. In an age when executives may be working on the road, at home or from outlying offices, it is impossible to assume that the office PC will do without a modem. But, of course, modems also mean escalating security risks.

Fortunately, a number of products are now coming to market that provide some level of security for PCs. One such tool recently introduced is Onguard from United Software Security, Inc. in Vienna, Va.

United Software Security is known primarily for its mainframe security product, Padpath Software, which is remarketed with proprietary hardware by such firms as Atalla Corp. in San Jose, Calif., and Security Dynamics, Inc. in Cambridge, Mass.

As one of the firm’s first ventures into the PC market, Onguard attempts to provide mainframe-like security functions to the hard disks of PCs.

Continued on page 52 


BLUE BEAT

Security scruples


A recent episode of ABC TV’s technology adventure program, Max Headroom, featured a tense battle between a young hacker and a sophisticated mainframe. In the scene, the boy wrestles with the computer’s security system in an attempt to alter a specific file. Tapping furiously at his keyboard, the hacker momentarily manages to break the security system and access mainframe data.

Although Max Headroom’s set is a product of the ’80s and the show’s computer graphics are spectacular, the scene could have come from a 1960s comic book.

The show’s theme is not a new one: A human mind can always triumph over a computer mind, no matter how artificially intelligent that computer mind may be.

MIS managers must struggle against this well-accepted belief every day.

They must maintain security systems that are as close to unbreachable as is technologically possible, while they battle the mind-set of disgruntled employees, outside hackers and bored users who have come to view breaking security as a high art form.

MIS must also fight corporate managers who fail to understand that inadequate security in major installations has encouraged the pastime of computer crime. After all, breaking through barriers often isn’t that hard.

These challenges become greater as the computer industry moves toward connectivity

Continued on page 58 


Secur ID card changes by the minute

It’s about the same size as a credit card but is roughly twice as thick. That’s to be expected, however, because the Secur ID card contains a lithium battery, a band of LCD readouts and a microprocessor that generates a new four- to eight-digit code that changes every minute.

Security Dynamics, Inc., a Cambridge, Mass., maker of Secur ID, claims it is the only company currently offering such a security product.

To gain access to a computer system, a Secur ID user steps up to a terminal or microcomputer that is linked to a firm’s mainframe, types in a personal identification number and the code that is displayed at that moment on his card. The host computer matches the user’s number to its calculation of the number displayed on his card before it allows access to the data base.


ACE behind the cards 

Of course, the Secur ID card is only the front end of the Security Dynamics system. The cards, which last two years, cost $46 apiece. Security Dynamics’ Access Control Encryption (ACE) system also consists of a controller that is priced according to the


Hard disks 


Continued from page 51 


Onguard assumes that a system uses a PC with a hard disk as a central system and users dial in to access data.

Once installed, the Onguard program allows the system manager to prevent users from reading the hard disk and from making copies of hard-disk data onto their own floppies.

Onguard reportedly can also prevent unauthorized users from getting into the system in the first place.


Automatic logoff 

According to the vendor, it provides passwords, automatic logoff after a set number of failed passwords, multiple levels of security and even encryption using the Data Encryption Standard algorithm.

The product will also perform a number of antitampering checks on itself and its data. With these, the system manager can detect and defend against attempts to get around the program.

Onguard requires an IBM Personal Computer XT, AT or compatible with an 800K-byte hard disk and 128K bytes of random-access memory.

The Onguard program is priced at $295. — Michael Tucker
number of host communications ports it protects. Depending on the size of controller and number of ports secured, the price of the ACE system can range from $2,500 to $100,000. ACE software can be purchased separately for $50,000.

Security Dynamics is going after some pretty stiff mainframe-based security competition such as IBM’s RACF and Top Secret from Computer Associates International, Inc.
Bob Fine, vice-president of sales and marketing at Security Dynamics, figures that although there are only a total of about 6,000 of these systems installed in the U.S., their heavy costs make for big revenue overall.

Other competition is piling in. Secur ID is part of a security category that is made up of smart cards and programmed electronic keys. “The electronic key market is wild now,” explains a researcher at Dataquest, Inc. in San Jose, Calif. “It includes everything from devices that look like harmonicas to things that resemble police whistles and activate user access through sound vibrations,” the researcher says. — Stan Kolodziej
hand with the rest of the system. If an alarm goes off — say, at some point along the fence — then a camera in that area will automatically switch on.” A guard sitting at a terminal can then tell quickly whether the alarm was triggered by something innocent, perhaps a passerby dragging a hand on the fence, or by something really dangerous.

“The next level of protection is the building itself,” according to Owens. To this end, Sygnetron would look particularly at entry and exit control. The company would install a number

of devices to control entry to and passage through the building. These controls would range from card identification systems in low-security areas to sophisticated biometric devices in high-security areas.

In addition to the obvious benefit of these personnel systems — systems that keep people out of places where they
don’t belong — these setups also instill in people a sense of discipline. Owens explains: “It is a means of making people, particularly managers, take security seriously. One can define an excellent security system and still have it fail because management does not support it.”

In fact, Owens says, not taking security seriously is fatal. He
points to the example of the current scandal at the U.S. embassy in Moscow. In that incident, American guards were allegedly compromised by the KGB, the Soviet secret police and intelligence agency.

“What was amazing,” Owens says, “is that [the embassy staff] had alarms in all the high-security areas. But, as near as we can tell from the limited information available to us, those alarms could be [turned off] by a single guard. And, there was no log.”

He argues that there should have been multiple security stations in the embassy so that alarms could be deactivated only through the cooperation of two or more guards — in different locations — who preferably did not know each other personally. In addition, Owens says, the embassy should have had some sort of automatic recording system that would note the time at which alarms were shut off.

The log would then be reviewed on a regular basis by high-ranking embassy officers. Frequent and unexplained deactivations of the alarms would thus be noticed.

But there was no log to tip anyone off. It was only after one of the suspects turned himself in that the authorities realized something was wrong. And, if Owens is right and embassy management did not take security seriously, then the results of the security breach could be very serious indeed.

While the average MIS officer probably does not protect data as vital as that contained at the U.S. embassy, Owens’s recounting of the story is still instructive.


Like Bonnie and Clyde 

In the embassy case, data security was compromised by nothing high tech, not encryption-busting code masters but rather by threats, seduction, human error and breaking and entering. The U.S. embassy was brought down by nothing more sophisticated than the tools Bonnie and Clyde could have applied to robbing banks in the 1930s.

Educating non-data processing management about those physical threats could be important for MIS — even vital. After all, even the most sophisticated password system or method of encryption could not have stopped that bomb in the IBM data center.

If senior management seems to believe that data security is strictly a computer problem, then it may be MIS’s responsibility to see that a bit of storytelling is in order. Next time, when you have to talk to senior management and the board about security, take just a moment to show them the wall of your data center. Then, invite them to exercise their imaginations.
Safe protects in 1,700°F heat

What would happen to your company if every piece of significant data was destroyed in one day? What would it do without records of payroll, invoices, inventory or accounts payable?

In rare cases, such loss of data results from computer system sabotage. More commonly, it is the result of fire.

Either way, gathering lost information is a Herculean task that many fail to complete. Forty percent of firms in this predicament reportedly go out of business.


Slow roasting 

The MVP-101 desktop safe from Mediavault, Inc. of East Rutherford, N.J. was designed specifically to protect floppy disks and tapes. It reportedly can protect its contents for an hour in temperatures up to 1,700 degrees Fahrenheit. In one independent test, though, floppy disks could still be used after they were slowly roasted at lower temperatures for more than 12 hours.

[Photo: MVP-101, desktop safe for floppies]

MVP-101 was designed to meet the environment requirements of floppy disks, which are more sensitive than tapes, according to Avi Tzur, Mediavault’s president and the safe’s designer. “Floppy disks can handle a maximum temperature of 125°F and a maximum relative humidity of 80%,” Tzur says.

Many safes can insulate against the heat, but not all protect against water, Tzur claims. Humidity is an important factor in fires. “Most safes undergo water strain from the firefighter’s hoses,” Tzur explains.

The MVP-101 is also lightweight, the vendor claims. Because some fire safes are modified with extra insulation, shipping and handling for these types of vaults can add to the safes’ weight and cost, Tzur states. The 15-in.-square MVP-101 uses materials developed for space technology and weighs less than 70 lbs.

To protect against theft, the safe is said to have a virtually pickproof lock from Salem, Va.-based Medeco Security Locks, Inc. The $695 MVP-101 safe stores up to 115 5¼-in. or 135 3½-in. floppy disks. — Rebecca Hurst
Correction

The cover for the May 6 issue of Computerworld Focus was illustrated by Jose Cruz.
The Disk Technician software security system has debuted from Prime Solutions, Inc.

According to the vendor, the Disk Technician software system automatically prevents, detects, repairs and recovers hard-disk media failures before data is lost on the IBM Personal Computer XT, AT and PCjr systems and compatibles.

The system consists of a single 5¼-in. diskette and works on both hard and floppy disk drives.

Prime Solutions claims that the product checks every byte on the disk, occupied or not, for the soft error rate, track alignment, magnetic retentivity and the ability to read and write. All unsafe soft errors are either repaired or blocked, and any programs and data files in use are moved to a safe area before the files lose data.

Disk Technician costs $99.95 and comes with a 30-day unconditional money-back guarantee.

Prime Solutions, 1940 Garnet Ave., San Diego, Calif. 92109.
Dial-Guard, Inc. has introduced the Dial-Guard on-line security system.


The Dial-Guard system is said to provide users with authentication and data protection. The system is made up of a hand-held Dial-Key, host-resident software and devices attached to terminals and personal computers. It uses dynamic one-time passwords and identifies users based on what they know, what they have and where they are.

Dial-Guard provides real-time message and electronic mail systems and creates custom management and audit reports. Optional message authentication coding and message encryption are available.

The basic system costs from $250 per protected terminal or PC, plus a software interface site license.

Dial-Guard, Suite 140, Building 1, 3000 Sand Hill Road, Menlo Park, Calif. 94025.
Thoroughbred Software, a division of Concept Omega Corp., has rolled out Thoroughbred Passport.

Thoroughbred Passport enables value-added resellers to tie their proprietary software applications to a particular hardware system through the use of serial numbers, a method that does not restrict a user’s ability to make backup copies, the company said.

Passport will be bundled with the company’s Thoroughbred Basic under Unix and Microsoft Corp. Xenix and with Thoroughbred/OS, the company’s proprietary operating system. The Passport device plugs into a serial port on the computer system.

Thoroughbred Passport is priced from $495 to $12,995, depending on computer system size.

Thoroughbred Software, P.O. Box 1035, 102 Old Camplain Road, Somerville, N.J. 08876.
Black Box Corp. has rolled out the Black Box Data Protector security device.

The product has a proprietary cryptography coder that encrypts data before it is transmitted and decrypts the data when it is received at the other end, using the Data Encryption Standard algorithm.

The Black Box Data Protector supports most synchronous RS-232 personal computers and terminals, and it operates in either half- or full-duplex modes at selectable data rates of 110 bit/sec. to 9.6K bit/sec.

Black Box Data Protector costs $495. 

Black Box, P.O. Box 12800, Pittsburgh, Pa. 15241.
Topaz, Inc. has announced the Powermaker Micro UPS off-line system.

The Powermaker Micro UPS is an off-line uninterruptible power supply (UPS) system that reportedly provides the protection of an on-line UPS. It consists of a power conditioner, battery charger, battery, inverter, static transfer switch and a surge-suppression network.

JUNE 3, 1987

According to Topaz, the unit provides 100db of common-mode noise attenuation and 70db of normal-mode noise attenuation. It corrects voltage fluctuations as large as plus or minus 20% nominal voltage to within plus 6% to minus 8%.

If commercial power fails, the UPS inverter is said to switch on and begin supplying steady, noise-free AC power to the protected equipment in less than 1 msec. Powermaker Micro UPS is available in power ratings of 1.8kVA and 1.5kVA in models with or without power conditioning.

Prices for Powermaker start at $2,550.

Topaz, 9192 Topaz Way, San Diego, Calif. 92123.
Cylink Corp. has announced the Faxlok facsimile machine encryptor.

Faxlok is an encryption device designed to work with most Group III facsimile machines. The unit sends either encrypted or clear text with no reduction in message quality, according to Cylink. It also supports unattended facsimile operation.

[Photo: Faxlok fax machine encryptor]

Faxlok is priced at $2,450 per unit. 

Cylink, 920 W. Fremont Ave., Sunny- 
vale, Calif. 94087. 
Unisys Corp. has unveiled Infoguard security software.

Infoguard allows Unisys A series mainframe users to identify a security administrator who has exclusive authority to establish and maintain the security environment.

Infoguard is available through a five-year extended-term purchase priced from $8,450 or on a monthly license basis priced from $250.

Unisys, P.O. Box 418, Detroit, Mich. 48232.
Racal-Vadic, Inc. has released the VA930 Callback Security System.

The VA930 Callback Security System is internal to Racal-Vadic's MDS-II System Controller chassis and protects host computers from unauthorized access.

The system provides three levels of access security: standard callback that calls back work-at-home employees at a phone number stored in the VA930 data base; programmed callback that enables traveling employees to specify a callback number during initial call-in; and pass-through access that connects authorized users directly to the host without callback.

The VA930 is priced at $2,995.

Racal-Vadic, 1525 McCarthy Blvd., Milpitas, Calif. 95035.
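The three access levels the brief lists amount to a per-user policy that a dial-up front end enforces before a caller ever reaches the host. The block below is an added example, not Racal-Vadic's code and not a description of how the VA930 implements the feature; the user records, phone numbers, field names and function names are all constructed for illustration. It makes one point the brief leaves implicit: under programmed callback the number is chosen by the caller, so that level gives an audit record of where the session was returned to, but it does not bind access to a known location the way standard callback does.

```python
"""Callback access-control policy modelled on the three levels the VA930
brief describes: standard callback, programmed callback and pass-through.
Added example with constructed data; not vendor code."""

from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional
import re


class Mode(Enum):
    STANDARD = "standard"          # call back only the stored number
    PROGRAMMED = "programmed"      # caller supplies the callback number
    PASS_THROUGH = "pass-through"  # connect directly, no callback


@dataclass(frozen=True)
class User:
    user_id: str
    mode: Mode
    stored_number: Optional[str] = None  # required for STANDARD users


# Constructed user data base (stands in for the controller's stored records).
USERS: Dict[str, User] = {
    "alice": User("alice", Mode.STANDARD, "+1-555-0101"),
    "bob": User("bob", Mode.PROGRAMMED),
    "ops": User("ops", Mode.PASS_THROUGH),
}

# Shape check only: digits, dashes, optional leading '+'.
_NUMBER_RE = re.compile(r"^\+?[0-9\-]{7,20}$")


@dataclass(frozen=True)
class Decision:
    action: str             # "callback", "connect" or "deny"
    number: Optional[str]   # number to dial when action is "callback"
    note: str               # text for the audit trail


def decide(user_id: str, requested_number: Optional[str] = None,
           users: Dict[str, User] = USERS) -> Decision:
    """Return the action for an inbound call that claims to be `user_id`."""
    user = users.get(user_id)
    if user is None:
        return Decision("deny", None, f"unknown user {user_id!r}")

    if user.mode is Mode.PASS_THROUGH:
        return Decision("connect", None, "pass-through user, no callback")

    if user.mode is Mode.STANDARD:
        # The stored number is the control: a number the caller offers is
        # logged but never dialed, so a stolen ID alone does not reach the host.
        if requested_number is not None and requested_number != user.stored_number:
            return Decision("callback", user.stored_number,
                            "caller-supplied number ignored; dialing stored number")
        return Decision("callback", user.stored_number, "dialing stored number")

    # PROGRAMMED: the caller chooses where to be called back. The format is
    # validated, but this level no longer ties access to a known location; it
    # yields an audit record of the number used rather than a second factor.
    if requested_number is None or not _NUMBER_RE.match(requested_number):
        return Decision("deny", None, "programmed callback requires a valid number")
    return Decision("callback", requested_number,
                    "dialing caller-supplied number (location not verified)")


if __name__ == "__main__":
    for uid, num in [("alice", None), ("alice", "+1-555-9999"),
                     ("bob", "+1-555-0202"), ("bob", None),
                     ("ops", None), ("mallory", None)]:
        d = decide(uid, num)
        print(f"{uid:8} {str(num):14} -> {d.action:8} {d.number}  [{d.note}]")
```

The audit `note` is what a reviewer of the controller's log would read; when checking such a log, treat every "location not verified" callback as a plain password-style login rather than as a callback-verified one.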
SECURITY PRODUCTS

The following questions were solicited from users and conveyed to vendors for responses.

Why did IBM go with a 31-bit addressing scheme instead of a 32-bit one for its MVS/XA system?
Felix M. Robbins
Robbins Consulting
Houston

Tom Belz, senior communications specialist, IBM: The answer to the question appears in the article titled "System/370 Extended Architecture: Design Considerations" by A. Padegs in the IBM Journal of Research and Development [Vol. 27 Number 3, May 1983]. I am quoting from page 201:

"The process to introduce 31-bit addressing into System/360-System/370 architecture started in the late 1960s when the new program status word and control register formats were established.

Although it was clear at the outset that an entire 4-byte field would have to be allocated for the extended address, the decision subsequently had to be made whether to use 31-bit addresses or continue with the 32-bit format introduced on the Model 67. The 31-bit format was chosen so as to provide space (high-order bit position) for a control or escape bit within the 4-byte address field. It was felt that the ability to address 4G bytes of storage with a 32-bit address instead of 2G bytes with a 31-bit address did not justify the potential inconvenience in the handling of the control or mode bits."
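The trade-off in the Padegs passage, 31 address bits plus one high-order control bit in a 4-byte field, is easy to see in code. The block below is an added example, not from the column or from IBM. It models the field the way System/370-XA uses it (the high-order bit selects 24-bit or 31-bit addressing mode), which the quote itself does not spell out; the constant and function names are the example's own.

```python
"""Model of a 4-byte address field whose high-order bit is a mode bit and
whose remaining 31 bits carry the address, as in the Padegs quote.
Added example, not IBM code. It follows the System/370-XA convention that
the high-order bit selects 24-bit (0) or 31-bit (1) addressing."""

FIELD_MASK = 0xFFFFFFFF   # the whole 4-byte field
MODE_BIT = 0x80000000     # high-order bit: the "control or escape bit"
ADDR31_MASK = 0x7FFFFFFF  # the 31 address bits below it
ADDR24_MASK = 0x00FFFFFF  # the address bits honoured in 24-bit mode


def addressable_bytes(address_bits: int) -> int:
    """Size of the address space an address of the given width can name."""
    return 1 << address_bits


def fits(address: int, is_31bit: bool) -> bool:
    """True when `address` is representable in the given addressing mode."""
    return 0 <= address <= (ADDR31_MASK if is_31bit else ADDR24_MASK)


def decode_field(word: int) -> tuple:
    """Split a 4-byte field into (is_31bit_mode, address).

    In 24-bit mode the high byte is ignored, which is why programs written
    for System/360 could keep flag bits in the top byte of a pointer; in
    31-bit mode only the mode bit is stripped and the low 31 bits are the
    address. Without a reserved mode bit, those old flag bits would have
    been read as part of a 32-bit address."""
    if not 0 <= word <= FIELD_MASK:
        raise ValueError("field must fit in 4 bytes")
    is_31bit = bool(word & MODE_BIT)
    address = word & (ADDR31_MASK if is_31bit else ADDR24_MASK)
    return is_31bit, address


def encode_field(address: int, is_31bit: bool) -> int:
    """Build the 4-byte field, refusing addresses that do not fit the mode."""
    if not fits(address, is_31bit):
        raise ValueError(f"address {address:#x} does not fit in "
                         f"{31 if is_31bit else 24}-bit mode")
    return address | (MODE_BIT if is_31bit else 0)


def round_trip(word: int) -> int:
    """Decode then re-encode; differs from `word` only in bits that were ignored."""
    is_31bit, address = decode_field(word)
    return encode_field(address, is_31bit)


if __name__ == "__main__":
    gib = 1024 ** 3
    print(f"32-bit address: {addressable_bytes(32) // gib}G bytes; "
          f"31-bit address: {addressable_bytes(31) // gib}G bytes")
    # A 24-bit-era pointer with flag bits in its high byte: the mode bit is
    # clear, so the flags are ignored and the address is 0x1000.
    print(decode_field(0x7F001000))  # -> (False, 4096)
    print(decode_field(0x80001000))  # -> (True, 4096)
```

`round_trip` shows the one-way nature of the choice: bits the mode ignores are dropped, which is the "inconvenience in handling the control or mode bits" the quote accepts in exchange for keeping the escape bit.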


How do you convert from Prime Computer, Inc.'s Inform data base to an ASCII format?

Harry Bass
Bass Brothers, Inc.
Dallas

Joe Burke, group marketing manager, Prime: The question is a broad one, so I have made some assumptions about your intentions in asking it and have replied based on each set of assumptions.

Inform is the report generator within Prime's Prime Information data base management product and does not, by itself, have anything to translate, although its output may be saved and translated. Instead, you may be intending to translate a data file from within Prime Information itself.

Also, ASCII may be either a simple SAM or "flat" file (Prime Information files are segmented on the disk) or 8-bit ASCII format and not the 7-bit ASCII format that Prime utilizes on its computer systems.

Let's begin with the easiest interpretation of the question: producing a report and creating a SAM file. When you run Inform, you may generate the report to the spooler or to a hold file by adding LPTR (line printer) to the Inform statement and adjusting your assigned printer using the SETPTR command. The report that is generated already exists as an image-ready flat file, and you may edit, copy, print or download it in this condition.

To convert an existing Prime Information file of the segmented variety to a flat file, simply create a new data file, choosing TYPE 1 from the type list that appears with the CREATE.FILE command. The TYPE 1 file accommodates records in a SAM format, and you may now simply execute a COPY command to move records from one file format to another.

To convert a Prime Information file to an 8-bit ASCII format requires a little programming. You would have to write a short Info/Basic program calling a Fortran, Cobol or PL/1 subroutine. The program would select the data records that you wanted to convert from a file and pass them to the subroutine, which would do an upper bit conversion and write the data to the output device, whether that device is a printer, tape drive or another system. A future release of Prime's Primos operating system will provide a facility to perform this operation more efficiently.

If the object of this exercise is to download data files to a personal computer, the job gets much easier using two existing Prime products. Prime has a product called Primelink, which does ASCII conversion automatically and transparently, allowing you to move files between a Prime system and a DOS-based processor.

There is also a version of the Prime Information data base environment available from Prime that runs on Microsoft Corp. MS-DOS 2.1 or higher. This version allows the personal computer user to access superminicomputer files transparently in real time and execute the ASCII conversion automatically.


The Hot Seat column consists of product- and service-related questions that you, our readers, would like us to ask a particular vendor.

Call us, toll free, at 1-800-343-6474 if you have a question. Or, forward your inquiries to Lory Zottola, Managing Editor, Computerworld Focus, 375 Cochituate Road, Box 880, Framingham, Mass. 01701-9171.

You'll never know unless you ask.
DataLOCK 4000 Front-End Controller Offers "Totally Integrated" Dial-Up Security

PLUS:
- Concurrent "Multi-Mode" Operation on EACH Line
- Utilization Monitoring for Network Analysis
- Automatic Log-On to Host using "Token" ID
- Automatic Session Log-Off Upon Disconnect
- Completely Programmable System Configuration
- Comprehensive Audit Trail in ALL Modes
- Universal Hardware Compatibility
- and much more...

Call or write today! (609) 395-7800

MicroFrame, Inc.
2551 Route 130
Cranbury, N.J. 08512
Computerworld Focus has always been one of the smartest buys around. Because it lets you maximize the impact of your advertising by surrounding your message with timely editorial that's relevant to your company's product or service. In the coming year, you'll be able to target your message in issues devoted to topics like communications, personal computers, operating systems, applications software and more.

So put more Focus into your advertising for 1987. And reach the $120 billion market consisting of more than 127,000 paid Computerworld subscribers, plus thousands more in pass-along readership and bonus distribution at major national shows.

So don't shotgun your advertising budget when targeting your audience is so simple.

All you have to do is get your message in Focus.

Computerworld Focus Topic    Issue Date     Closing Date*    Show Distribution
PC's                         August 12      July 3           PC Expo
Communications               September 9    August 7         TCA & Info '87
Information Centers**        October 7      September 4
PC's                         November 4     October 2        Comdex/Fall
Software                     December 2     October 30       Dexpo West

* Premium positions close one week prior to the published closing date above.
** Starch Ad Study Issues

For more information, contact Ed Marecki, Vice President/Sales, Computerworld Focus, 375 Cochituate Rd., Box 9171, Framingham, MA 01701-9171 (617) 879-0700. Or contact your local Computerworld sales representative.

A CWCI Publication

BOSTON: 375 Cochituate Road, Box 9171, Framingham, MA 01701-9171, (617) 879-0700 NEW YORK: Paramus Plaza I, 140 Route 17 North, Suite 312, Paramus, NJ 07652, (201) 967-1350 WASHINGTON, D.C.: 3022 Javier Rd., #210, Fairfax, VA 22031, (703) 280-2027 CHICAGO: 2600 South River Road, Suite 304, Des Plaines, IL 60018, (312) 827-4433 ATLANTA: 1400 Lake Hearn Drive, Suite 330, Atlanta, GA 30319, (404) 394-0758 DALLAS: 14651 Dallas Parkway, Suite 304, Dallas, TX 75240 (214) 233-0882 LOS ANGELES: 18004 Sky Park Circle, Suite 255, Irvine, CA 92714, (714) 261-1230
Blue Beat

Continued from page 51

and sophisticated communications. As the level of interaction between systems increases, so do the dangers of security breaches. So as technology advances, security systems must advance, too.

But MIS managers can't tackle the job alone. They must convince IBM and other vendors, who are moving full steam ahead on improving communications between various architectures, that they must also spend time improving security.

IBM is aware that technological innovation brings a greater chance of security breaches. While the company does offer a number of security options — including the RACF for mainframes — it is hesitant to educate its users to this fact.

IBM's reluctance

The reticence of IBM and other vendors lies in the fact that raising security concerns is not a positive selling approach. Nor are these companies eager to add to the cost of a large installation — strong security systems can be expensive, and installation and training can be lengthy processes.

Nevertheless, IBM sales representatives must commit to working with users to develop adequate security systems. In turn, users must insist that they


Not in My Lifetime!

The future may bring something new, but today, businesses like yours depend on computer-based online solutions built by professional programmers. However, the tools available to your staff are —

- Time consuming, complex, tedious command level Cobol.
- Fourth Generation Languages that ask you to fit your problems to the capabilities of the product.
- Or bizarre, difficult, cumbersome new languages that offer outrageous productivity claims.

Only to find that any advantages are lost to an insurmountable learning curve or are offset by an extremely painful performance penalty.

That is, until now.

Goal Systems delivers productivity and performance with Classic/AL. The completely online development system for developing complete online applications. With Classic/AL you don't get —

- A strange language your programmers can't or won't learn.
- A strange development concept that doesn't fit your existing systems or methodologies.
- A strange pseudo-code that hogs machine cycles during execution.

Instead you get a logical Cobol-skill-based system that doesn't compromise existing standards or naming conventions. You can even utilize existing Cobol copybooks.

You get a system that executes real 370 instructions. Not some interpretive, intermediate code.

You get a single session online environment to design, prototype, develop, test, debug, and maintain real online applications. From the simplest to the most demanding of programs.

Call 800-848-4640 or write today for a free, no obligation trial and complimentary poster.

Classic/AL and your professional programmers. Perfect together.

Mail To: Goal Systems International, 5455 N. High Street, Columbus, OH 43214-1193
receive proper help.

Many managers aren't even aware of the threat that new IBM technology poses.

While they're busily digesting the reams of technical information involving Systems Application Architecture (SAA), Token-Ring enhancements and the Personal System/2, few MIS managers are analyzing the security changes necessitated by this technology.

Under SAA, for instance, users will be able to access far more mainframe data from a personal computer than ever before. Without a proper security system, that could pose a serious problem.

Before installing any new technology, IBM or otherwise, MIS departments must do a complete risk analysis. This study can only be done effectively if it is performed in conjunction with a vendor that understands the security shortcomings of its system.

Managers must also take into account human shortcomings so they know when and where data security breaks are likely to occur and who is likely to commit them.

These two groups must work together to assure that strategies for dealing with potential risks are put into place as the technology itself is installed.

But technical solutions aren't always the answer.

Just as IBM assists in installation and system training, it must work with companies and users to launch serious educational programs that address security issues. An effective system means that users at all levels must be made aware that it exists.

The first group to educate must be the corporate staff. Strong support from corporate managers is essential for an effective security system.

Not only must upper level management foot the bill for a system, but it must also throw its weight solidly behind it so that security is taken seriously at all levels of the company.

All of this is a big job — too big for the MIS departments to take on alone. IBM support for such projects is essential, both technologically and psychologically. The alternative is decidedly unattractive — businesses that can't protect their data from anyone — and television shows that promote this shortcoming.

Depke is editor of "IBM Watch," a biweekly newsletter published by IDG Communications, Inc.
June 14-20

Localnet East Exhibition and Conference. New York, June 15-17 — Contact: Carol Peters, Online International, Inc., 989 Avenue of the Americas, New York, N.Y. 10018.

Network Protocols and Standards. San Francisco, June 15-17 — Contact: Systems Technology Forum, Suite 150, 10201 Lee Highway, Fairfax, Va. 22030.

Local Communications Systems. Dallas, June 15-17 — Contact: Systems Technology Forum, Suite 150, 10201 Lee Highway, Fairfax, Va. 22030.

The National Computer Conference (NCC). Chicago, June 15-18 — Contact: NCC 87, American Federation of Information Processing Societies, Inc., 1899 Preston White Drive, Reston, Va. 22091.

The Third International Integrated Services Digital Networks Exposition. Atlanta, June 15-19 — Contact: Christopher Kennelly, Information Gatekeepers, Inc., 214 Harvard Ave., Boston, Mass. 02134.

Telecommunications Management. Dallas, June 17-19 — Contact: Business Communications Review, 950 York Road, Hinsdale, Ill. 60521.

Data Networks: Management, Operation and Control. Arlington, Va., June 17-19 — Contact: Technology Transfer Institute, 741 Tenth St., Santa Monica, Calif. 90402.

Releasing the Power of PC-DOS/MS-DOS. Morristown, N.J., June 18-19 — Contact: The American Institute, Carnegie Building, 55 Main St., Madison, N.J. 07940.

Telecommunications Management Software: How to Plan and Select. New York, June 18-19 — Contact: Business Communications Review, 950 York Road, Hinsdale, Ill. 60521.

IBM Product Strategies and Architectures. Philadelphia, June 18-19 — Contact: Data-Tech Institute, P.O. Box 2428, Lakeview Plaza, Clifton, N.J. 07015. Also being held June 25-26 in Boston.

June 21-27

Essential Systems Development: A Fourth-Generation Methodology. San Francisco, June 22-24 — Contact: Technology Transfer Institute, 741 Tenth St., Santa Monica, Calif. 90402.

Network Design. New York, June 22-24 — Contact: Systems Technology Forum, Suite 150, 10201 Lee Highway, Fairfax, Va. 22030.

Managerial Planning for the Security and Privacy of Contemporary Computer and Telecommunications Systems. Cambridge, Mass., June 22-26 — Contact: Office of the Summer Session, Room E19-356, 50 Ames, Massachusetts Institute of Technology, Cambridge, Mass. 02139.

Contract Negotiation and System Implementation. Atlanta, June 25-26 — Contact: Business Communications Review, 950 York Road, Hinsdale, Ill. 60521.

Understanding and Selecting Voice Messaging Systems. Seattle, June 25-26 — Contact: Business Communications Review, 950 York Road, Hinsdale, Ill. 60521.

June 28-July 4

T1 Networking. Dallas, June 29-July 1 — Contact: Systems Technology Forum, Suite 150, 10201 Lee Highway, Fairfax, Va. 22030.

Voice/Data PBXs. Washington D.C., June 29-July 1 — Contact: Systems Technology Forum, Ste. 150, 10201 Lee Highway, Fairfax, Va. 22030.
Vice President/Sales/Edward P. Marecki, COMPUTERWORLD, 375 Cochituate Road, Box 9171, Framingham, MA 01701-9171, (617) 879-0700

BOSTON SALES OFFICE Northern Regional Manager/Michael F. Kelleher, District Managers/David Peterson, Bill Cadigan, Sherry Driscoll, Account Manager/John Watts, Sales Assistant/Alice Longley, COMPUTERWORLD, 375 Cochituate Road, Box 9171, Framingham, MA 01701-9171 (617) 879-0700

CHICAGO SALES OFFICE Midwest Regional Manager/Russ Gerches, District Managers/Kevin McPherson, Larry Craven, Sales Assistant/Kathy Sullivant, COMPUTERWORLD, 2600 South River Road, Suite 304, Des Plaines, IL 60018 (312) 827-4433

NEW YORK SALES OFFICE Eastern Regional Director/Michael J. Masters, Senior District Manager/Doug Cheney, District Managers/Fred Lo Sapio, Frank Genovese, Account Manager/Paula Smith, Sales Assistants/Mary Tagliareni, Sue Larson, COMPUTERWORLD, Paramus Plaza I, 140 Route 17 North, Paramus, NJ 07652 (201) 967-1350

LOS ANGELES SALES OFFICE Western Regional Director/William J. Healey, District Manager/Carolyn Knox, COMPUTERWORLD, 18004 Sky Park Circle, Suite 255, Irvine, CA 92714 (714) 261-1230

SAN FRANCISCO SALES OFFICE Western Regional Director/William J. Healey, Senior District Manager/Barry Milione, District Managers/Ernie Chamberlain, Mark V. Glasner, Stevan Phillips, Account Manager/Alicia Hodge, COMPUTERWORLD, 300 Broadway, Suite 20, San Francisco, CA 94133 (415) 421-7330

ATLANTA SALES OFFICE Eastern Regional Director/Michael J. Masters, District Manager/Jeffrey Melnick, Sales Assistant/Melissa Christie, COMPUTERWORLD, 1400 Lake Hearn Drive, Suite 330, Atlanta, GA 30319 (404) 394-0758

DALLAS SALES OFFICE Midwest Regional Manager/Russ Gerches, District Manager/Kevin C. Harold, COMPUTERWORLD, 14651 Dallas Parkway, Suite 304, Dallas, TX 75240 (214) 233-0882

WASHINGTON D.C. SALES OFFICE Eastern Regional Director/Michael J. Masters, District Manager/Bernie Hockswender, COMPUTERWORLD, 3022 Javier Road, #210, Fairfax, VA 22031 (703) 280-2027

PRODUCT CLASSIFIED ADVERTISING Product Classified Advertising/Account Manager Peter Slingluff, 375 Cochituate Road, Box 9171, Framingham, MA 01701-9171 (617) 879-0700

RECRUITMENT ADVERTISING National Recruitment Sales Director/John Corrigan, 375 Cochituate Road, Box 9171, Framingham, MA 01701-9171 (617) 879-0700

RECRUITMENT ADVERTISING SALES OFFICES
Recruitment Manager/Al DeMille
New England: 375 Cochituate Road, Box 9171, Framingham, MA 01701-9171 (617) 879-0700
New York Recruitment Manager/Warren Kolber: Paramus Plaza 1, 140 Route 17 North, Paramus, NJ 07652 (201) 967-1350
Midwest: 2600 S. River Road, Suite 304, Des Plaines, IL 60018 (312) 827-4433
Western Recruitment Manager/Barbara Murphy: 18004 Skypark Circle, Suite 100, Irvine, CA 92714 (714) 250-0164
Mid-Atlantic Recruitment Manager/Kathryn Kress: 3110 Fairview Park Drive, Suite 1040, Falls Church, VA 22042 (703) 876-5100

RECRUITMENT TELEMARKETING ACCOUNT EXECUTIVES
New England, New York/Jay Novack, Mid-Atlantic/Pauline Smith, Midwest/Ellen Casey, Western/Nancy Percival
Toll Free: 1-800-343-6474 or (617) 879-0700






Advertisers Index

Advertiser and telephone:

Amdahl Corp., 800-538-8460
Applix Inc., 617-870-0300
AT&T, 1-800-CLP-INFO
Business Software Inc., 404-449-3200
Chicor, 312-454-9670; 203-359-5639
Comdisco, 312-698-3000
Compusource, 919-469-3325
Computer Associates, 800-645-3003
CW Circulation, 617-879-0700
CW Focus, 617-879-0700
DataGuard, 800-433-0339; in OHIO, 1-216-526-6373
Data General Corp., 1-800-DATAGEN; 1-800-268-5454
Datasphere, 1-800-221-0575; in NJ call 201-382-2300
Digital Equipment Corp.
EAC
Electrorep Datacomm, 516-752-0585
Emergency Power Engineering, 714-557-1636
Emerson, 1-800-BACKUPS, ext. 28; 714-545-5581
Equicor Technologies, 215-861-2800
Fisher International, 800-237-4510; in Florida 813-643-1500
Goal Systems, 1-800-848-4640
Gould, 1-800-GOULD-10
Harris Corp., 800-4-HARRIS, ext. 4021
IDG Corporate, 617-875-5000
Imulec, 516-581-6803
Liebert Corp., 614-888-0246
Local Data, 213-320-7126
LPC, 800-852-0852; 312-932-7000
MicroFrame, 609-395-7800
Micro Security, 801-972-0579
Mosaic Computer Security, 617-491-2434
On-Line Systems, 800-642-0177
Provident, 919-481-0011
Software Technology & Research (STAR), 1-800-258-STAR; in CT, 203-529-7128
Stratus, 617-460-2192
Sunguard, 800-523-4970
Techland, 800-TECHLAN; in NY, 212-684-7788
VM Software, Inc., 800-562-7100; 703-264-8000
Xerox Corp., 800-TEAM-XRX, ext. 187B

This index is provided as an additional service. The publisher does not assume any liability for errors or omissions.







Software in the summer.

July's Focus examines an array of software productivity tools and trends. We'll look at AI and high-end application generators as well as user interface management systems. In addition to software development, engineering and maintenance, Focus will cover a study of management in the 1990s. Meet the new kids on the equipment and services block, and check out IBM's Personal System/2 strategy. Don't let the lazy days of summer keep you from making the most of your software!
Backing up PC data

During the past five years, an estimated 12 million personal computers have been installed in U.S. businesses. This PC boom has revolutionized the way people work with corporate data. Information that once took days to get is now often available immediately and can be manipulated by most any PC user.

The positive effect of this democratization of corporate data is that decisions are made more efficiently. However, there has also been a negative effect on the way corporate information is treated. Stand-alone PCs have made it much harder to maintain data's security and integrity.

Take, for instance, the simple problem of hard-disk backup.

With traditional shared-storage systems, MIS would manage, back up and be accountable for the data stored on a system. With stand-alone PCs, however, the process must be entrusted to each user instead, and the majority of PC users remain astoundingly disinterested in backing up their data.

Sensitive data can also fall prey to more malicious intentions. An employee leaving the company may decide that information stored on a PC would be helpful in a new job. PC floppy disks offer an excellent means by which to take a great deal of information out of an office.

The search for a solution to these problems has led many an MIS director to the conclusion that hooking PCs into a centralized hub, such as a local-area network (LAN) server or departmental computer, will help harness the flow of PC-based information by providing a centralized spot for data to be stored.

How much control a LAN server or departmental system can lend to an environment of stand-alone PCs depends on the sophistication of its operating system software. However, some LAN operating systems (Novell, Inc.'s Advanced Netware, for example) are beginning to offer facilities for automatic backup of data stored on connected PCs.

But connecting standard PCs to a LAN or departmental system will do nothing about a user's ability to transfer sensitive data to floppies. Diskless PCs propose a way to solve this problem. As with dumb terminals, diskless workstations force all data storage and management to be handled centrally. Although users with diskless PCs cannot store files locally, they retain some of the performance benefits of distributed processing.

However, it is important for users to realize that they owe much of the PC's performance advantage to fast local storage. When relying on centralized storage, a diskless PC user will be directly affected by both the speed of the link to the central system and the number of users on that system. Local hard-disk storage is all but becoming a necessity for more sophisticated PC applications that are growing in size and complexity.

Roberts is manager of personal computer research at International Data Corp., a Framingham, Mass.-based industry research firm.
TOO LATE.

If you're on the office route slip, you're getting COMPUTERWORLD too late.

You need to know the most up-to-date news in the computer field as it happens. Hot off the presses. While you can still use it.

COMPUTERWORLD keeps you on top of all the latest news, products, people, developments, trends, ideas and issues. Plus, we've expanded our coverage of microcomputing and networking, and we've added SPOTLIGHT — a handy pull-out section that can be saved for future reference.

Each SPOTLIGHT features a particular product category with surveys of key vendors and tables outlining prices, vendors and specifications. Plus, with DAIL-INQ you can request information about products in SPOTLIGHT with just one phone call!

So get off the route slip and get your own copy of COMPUTERWORLD for just 76¢ a week! That's $38.95 for 51 weekly issues of COMPUTERWORLD, plus 12 issues of Computerworld Focus — FREE. Each FOCUS issue provides in-depth coverage of a current hot topic such as information centers, PCs, software, and more.

Subscribe today! Call toll-free 1-800-544-3712 (in PA, call collect 215-768-0388) or use the convenient postage-paid order cards in this issue.

COMPUTERWORLD

THE NEWSWEEKLY FOR THE COMPUTER COMMUNITY.





At Last. An Office Software System for the Highest Common Denominator.

Alis. Designed for the professional office.

If your company's success hinges on the work of professionals, the engineer, the business professional, the scientist, we have a suggestion to make.

Consider Alis. The office software system designed specifically for the professional office.

It networks workstations, PCs and terminals company-wide. So your professionals have the time to do the job they were hired to do, and their staff gets professional-looking results quickly and easily.

Spend more time on the job. And less on paperwork.

Studies show that many business and engineering professionals spend more than 50% of their time on administrative tasks. Chances are, it's not much different in your firm.

Reducing that percentage of non-productive time is what Alis is all about. Because Alis combines the benefits of communications-based office automation systems with the advantages of graphics-based personal computer applications.

Alis is available right now.

On equipment your people use right now: Apollo, Compaq, Digital VAX, Hewlett-Packard, Honeywell, IBM RT PC, Masscomp, NCR Tower, and Sun. Chances are Alis can be networked across them with complete transparency. For example, VAXs and 68000-based workstations and MS-DOS PCs.

To find out more, contact your local representative of the companies mentioned above.

Or call Mike Beringer, V.P. North American Sales, at Applix (617) 870-0300.

Alis:
- combines text, spreadsheets, graphics and database in single, always editable documents
- handles proportionally-spaced and multiple-size fonts WYSIWYG-style
- provides automatic formatting of reports, letters, memos, etc.
- sophisticated equation-solving spreadsheet
- drawing, scanned images and business graphics
- personal and office databases
- integrated electronic mail and meeting scheduling
- multiple windows
- supports graphic workstations, PCs and terminals

Alis, ApplixiA, and Applix are registered trademarks of Applix, Inc.
RT PC is a trademark of International Business Machines, Inc.
VAX is a registered trademark of Digital Equipment Corporation.
MS-DOS is a trademark of Microsoft Corporation.

The integrated software system for the professional office.

Finally, some answers in Wonderland.

APPLIX, INC., 112 TURNPIKE ROAD, WESTBORO, MASSACHUSETTS 01581 (617) 870-0300